Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
145s -
max time network
84s -
platform
windows7_x64 -
resource
win7v200430 -
submitted
09/07/2020, 17:19
Static task
static1
Behavioral task
behavioral1
Sample
700a1s0ssssd7da.exe
Resource
win7v200430
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
700a1s0ssssd7da.exe
Resource
win10
windows10_x64
0 signatures
0 seconds
General
-
Target
700a1s0ssssd7da.exe
-
Size
717KB
-
MD5
3dcb42c5e7545c629c30d501feb908d5
-
SHA1
9633e564b46262cc03cdd29dc1a7aec468c0757e
-
SHA256
24ca9e85cfc0b4303facfe25f920917937ed7d5cca7938362417599d8444e159
-
SHA512
62d7cc702fdbdd11931a652fdb59aaf65cea32eb2ce29029abdfa44eb3c47a4c8b13703b808a68d836b897f6371dcfa3afe3ec3c396f482397ebee99cd99baf2
Score
10/10
Malware Config
Extracted
Path
C:\MSOCache\All Users\{90140000-0011-0000-1000-0000000FF1CE}-C\Read_Me.txt
Ransom Note
Attention!
All your files, documents, photos, databases and other important files are encrypted
The only method of recovering files is to purchase an unique decryptor. Only we can give you this decryptor and only we can recover your files.
The server with your decryptor is in a closed network TOR. You can get there by the following ways:
----------------------------------------------------------------------------------------
1. Download Tor browser - https://www.torproject.org/
2. Install Tor browser
3. Open Tor Browser
4. Open link in TOR browser: http://7rzpyw3hflwe2c7h.onion/?LLLLLLLL
5. Follow the instructions on this page
----------------------------------------------------------------------------------------
On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free.
Alternate communication channel here: http://helpqvrg3cc5mvb3.onion/
URLs
http://7rzpyw3hflwe2c7h.onion/?LLLLLLLL
http://helpqvrg3cc5mvb3.onion/
Signatures
-
Suspicious use of WriteProcessMemory 42 IoCs
description pid Process procid_target PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1396 wrote to memory of 984 1396 msiexec.exe 30 PID 1396 wrote to memory of 984 1396 msiexec.exe 30 PID 1396 wrote to memory of 984 1396 msiexec.exe 30 PID 1396 wrote to memory of 984 1396 msiexec.exe 30 PID 1396 wrote to memory of 984 1396 msiexec.exe 30 PID 1396 wrote to memory of 1844 1396 msiexec.exe 31 PID 1396 wrote to memory of 1844 1396 msiexec.exe 31 PID 1396 wrote to memory of 1844 1396 msiexec.exe 31 PID 1396 wrote to memory of 1844 1396 msiexec.exe 31 PID 1396 wrote to memory of 1844 1396 msiexec.exe 31 PID 1396 wrote to memory of 1844 1396 msiexec.exe 31 PID 1396 wrote to memory of 1844 1396 msiexec.exe 31 PID 1396 wrote to memory of 916 1396 msiexec.exe 35 PID 1396 wrote to memory of 916 1396 msiexec.exe 35 PID 1396 wrote to memory of 916 1396 msiexec.exe 35 PID 1396 wrote to memory of 916 1396 msiexec.exe 35 PID 1396 wrote to memory of 916 1396 msiexec.exe 35 PID 1396 wrote to memory of 1852 1396 msiexec.exe 36 PID 1396 wrote to memory of 1852 1396 msiexec.exe 36 PID 1396 wrote to memory of 1852 1396 msiexec.exe 36 PID 1396 wrote to memory of 1852 1396 msiexec.exe 36 PID 1396 wrote to memory of 1852 1396 msiexec.exe 36 PID 1396 wrote to memory of 1852 1396 msiexec.exe 36 PID 1396 wrote to memory of 1852 1396 msiexec.exe 36 PID 1852 wrote to memory of 620 1852 MsiExec.exe 37 PID 1852 wrote to memory of 620 1852 MsiExec.exe 37 PID 1852 wrote to memory of 620 1852 MsiExec.exe 37 PID 1852 wrote to memory of 620 1852 MsiExec.exe 37 PID 620 wrote to memory of 1840 620 wevtutil.exe 39 PID 620 wrote to memory of 1840 620 wevtutil.exe 39 PID 620 wrote to memory of 1840 620 wevtutil.exe 39 PID 620 wrote to memory of 1840 620 wevtutil.exe 39 -
Suspicious behavior: EnumeratesProcesses 4530 IoCs
pid Process 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1396 msiexec.exe 1396 msiexec.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1572 explorer.exe -
Modifies service 2 TTPs 4 IoCs
description ioc Process Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Shas explorer.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Qecs explorer.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Shas explorer.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Qecs explorer.exe -
Drops startup file 1 IoCs
description ioc Process File created C:\Users\Admin\AppData\Roaming\Microsoft\Word\STARTUP\Read_Me.txt 700a1s0ssssd7da.exe -
Suspicious use of FindShellTrayWindow 81 IoCs
pid Process 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe -
Suspicious use of SendNotifyMessage 93 IoCs
pid Process 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe -
Loads dropped DLL 42 IoCs
pid Process 984 MsiExec.exe 984 MsiExec.exe 1844 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 1844 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 1844 MsiExec.exe 984 MsiExec.exe 1844 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 1844 MsiExec.exe 1844 MsiExec.exe 1844 MsiExec.exe 1844 MsiExec.exe 1844 MsiExec.exe 1844 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 916 MsiExec.exe 916 MsiExec.exe 916 MsiExec.exe 916 MsiExec.exe 916 MsiExec.exe 916 MsiExec.exe 916 MsiExec.exe 1852 MsiExec.exe 916 MsiExec.exe 916 MsiExec.exe 916 MsiExec.exe -
Registers COM server for autorun 1 TTPs 24 IoCs
description ioc Process Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe -
Modifies data under HKEY_USERS 3 IoCs
description ioc Process Key deleted \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\24\52C64B7E msiexec.exe Key deleted \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\24 msiexec.exe Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\25 msiexec.exe -
Drops file in Windows directory 44 IoCs
description ioc Process File opened for modification C:\Windows\Installer\MSI423A.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI8126.tmp msiexec.exe File created C:\Windows\Installer\2a3fb.mst msiexec.exe File opened for modification C:\Windows\Installer\MSIA784.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSIB77F.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI1CD7.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI3F4A.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSICD9.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI118D.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI1851.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSIBAAC.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSIBD3C.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSIBEB3.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSID282.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI75C.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI1E8D.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI3F7A.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI43E0.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI779D.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSIB5E9.tmp msiexec.exe File opened for modification C:\Windows\Installer\ msiexec.exe File opened for modification C:\Windows\Installer\MSI7B58.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI7EC4.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSID468.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSID56.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI117C.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI3C8A.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI7DB9.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSID34E.tmp msiexec.exe File created C:\Windows\Installer\2a3fe.ipi msiexec.exe File opened for modification C:\Windows\Installer\MSI1C69.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI3E7E.tmp msiexec.exe File opened for modification C:\Windows\Installer\2a3fb.mst msiexec.exe File opened for modification C:\Windows\Installer\MSIA9B7.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI7F70.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI8A3C.tmp msiexec.exe File opened for modification C:\Windows\Installer\2a3fe.ipi msiexec.exe File opened for modification C:\Windows\Installer\MSIAB2E.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI8867.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI529.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI1BDB.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI23FA.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI41FA.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI780C.tmp msiexec.exe -
Suspicious use of SetThreadContext 1 IoCs
description pid Process procid_target PID 1432 set thread context of 1708 1432 700a1s0ssssd7da.exe 26 -
Drops desktop.ini file(s) 41 IoCs
description ioc Process File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Documents\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Music\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Videos\Sample Videos\desktop.ini 700a1s0ssssd7da.exe File opened for modification \??\M:\$RECYCLE.BIN\S-1-5-21-910373003-3952921535-3480519689-1000\desktop.ini explorer.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Music\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Videos\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Windows Mail\Stationery\Desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Favorites\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Favorites\Links for United States\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Libraries\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Music\Sample Music\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Videos\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\DataServices\DESKTOP.INI 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Searches\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Pictures\Sample Pictures\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Recorded TV\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\ZDAW0I3Y\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Contacts\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Desktop\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Favorites\Links\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Pictures\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\IQD6DIKV\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Downloads\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Saved Games\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Documents\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\LUBVL9MG\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Desktop\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Pictures\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\5Q8AAMSB\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Links\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Downloads\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Recorded TV\Sample Media\desktop.ini 700a1s0ssssd7da.exe -
Enumerates connected drives 3 TTPs
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of AdjustPrivilegeToken 1005 IoCs
description pid Process Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeIncreaseQuotaPrivilege 1220 explorer.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeSecurityPrivilege 1396 msiexec.exe Token: SeCreateTokenPrivilege 1220 explorer.exe Token: SeAssignPrimaryTokenPrivilege 1220 explorer.exe Token: SeLockMemoryPrivilege 1220 explorer.exe Token: SeIncreaseQuotaPrivilege 1220 explorer.exe Token: SeMachineAccountPrivilege 1220 explorer.exe Token: SeTcbPrivilege 1220 explorer.exe Token: SeSecurityPrivilege 1220 explorer.exe Token: SeTakeOwnershipPrivilege 1220 explorer.exe Token: SeLoadDriverPrivilege 1220 explorer.exe Token: SeSystemProfilePrivilege 1220 explorer.exe Token: SeSystemtimePrivilege 1220 explorer.exe Token: SeProfSingleProcessPrivilege 1220 explorer.exe Token: SeIncBasePriorityPrivilege 1220 explorer.exe Token: SeCreatePagefilePrivilege 1220 explorer.exe Token: SeCreatePermanentPrivilege 1220 explorer.exe Token: SeBackupPrivilege 1220 explorer.exe Token: SeRestorePrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeDebugPrivilege 1220 explorer.exe Token: SeAuditPrivilege 1220 explorer.exe Token: SeSystemEnvironmentPrivilege 1220 explorer.exe Token: SeChangeNotifyPrivilege 1220 explorer.exe Token: SeRemoteShutdownPrivilege 1220 explorer.exe Token: SeUndockPrivilege 1220 explorer.exe Token: SeSyncAgentPrivilege 1220 explorer.exe Token: SeEnableDelegationPrivilege 1220 explorer.exe Token: SeManageVolumePrivilege 1220 explorer.exe Token: SeImpersonatePrivilege 1220 explorer.exe Token: SeCreateGlobalPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeShutdownPrivilege 1620 explorer.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeShutdownPrivilege 1620 explorer.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeShutdownPrivilege 1620 explorer.exe Token: SeShutdownPrivilege 1620 explorer.exe Token: SeShutdownPrivilege 1620 explorer.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeShutdownPrivilege 1620 explorer.exe Token: SeShutdownPrivilege 1620 explorer.exe Token: SeShutdownPrivilege 1620 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeIncreaseQuotaPrivilege 608 explorer.exe Token: SeCreateTokenPrivilege 608 explorer.exe Token: SeAssignPrimaryTokenPrivilege 608 explorer.exe Token: SeLockMemoryPrivilege 608 explorer.exe Token: SeIncreaseQuotaPrivilege 608 explorer.exe Token: SeMachineAccountPrivilege 608 explorer.exe Token: SeTcbPrivilege 608 explorer.exe Token: SeSecurityPrivilege 608 explorer.exe Token: SeTakeOwnershipPrivilege 608 explorer.exe Token: SeLoadDriverPrivilege 608 explorer.exe Token: SeSystemProfilePrivilege 608 explorer.exe Token: SeSystemtimePrivilege 608 explorer.exe Token: SeProfSingleProcessPrivilege 608 explorer.exe Token: SeIncBasePriorityPrivilege 608 explorer.exe Token: SeCreatePagefilePrivilege 608 explorer.exe Token: SeCreatePermanentPrivilege 608 explorer.exe Token: SeBackupPrivilege 608 explorer.exe Token: SeRestorePrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeDebugPrivilege 608 explorer.exe Token: SeAuditPrivilege 608 explorer.exe Token: SeSystemEnvironmentPrivilege 608 explorer.exe Token: SeChangeNotifyPrivilege 608 explorer.exe Token: SeRemoteShutdownPrivilege 608 explorer.exe Token: SeUndockPrivilege 608 explorer.exe Token: SeSyncAgentPrivilege 608 explorer.exe Token: SeEnableDelegationPrivilege 608 explorer.exe Token: SeManageVolumePrivilege 608 explorer.exe Token: SeImpersonatePrivilege 608 explorer.exe Token: SeCreateGlobalPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeSecurityPrivilege 620 wevtutil.exe Token: SeBackupPrivilege 620 wevtutil.exe Token: SeSecurityPrivilege 1840 wevtutil.exe Token: SeBackupPrivilege 1840 wevtutil.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe -
Modifies Installed Components in the registry 2 TTPs 4 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000\Software\Microsoft\Active Setup\Installed Components explorer.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000\Software\Microsoft\Active Setup\Installed Components explorer.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000\Software\Microsoft\Active Setup\Installed Components explorer.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000\Software\Microsoft\Active Setup\Installed Components explorer.exe -
Modifies registry class 234 IoCs
description ioc Process Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\TypeLib msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\edit\command msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\Programmable\ msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\edit msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\ProgID\ = "HxDs.HxRegistryWalker.1" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ = "Help HxProtocol" msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\ProgID\ = "HxDs.HxRegister.1" msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\shell\edit msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID\ = "HxDs.HxRegistryWalker" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\ msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\ProgID\ = "HxDS.HxRegisterProtocol.1" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\ msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046} msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\open\command\ = "\"C:\\Program Files\\Common Files\\Microsoft Shared\\OFFICE14\\MSOXMLED.EXE\" /verb open \"%1\"" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{31411197-a502-11d2-bbca-00c04f8ec294}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\ProgID\ = "HxDS.HxSession.1" msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\shell\edit\command msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\Programmable\ msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\ProxyStubClsid msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{31411199-a502-11d2-bbca-00c04f8ec294}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\TypeLib\ = "{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\ShellEx\IconHandler msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\ = "IDummyOleComponentManager" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294} msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\0 msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0 msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_Classes\Local Settings explorer.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\Programmable\ msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{31411197-a502-11d2-bbca-00c04f8ec294}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\DefaultIcon msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\0\win64\ = "C:\\Program Files\\Microsoft Office\\Office14\\ADDINS\\otkloadr_x64.dll" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\TypeLib\Version = "1.0" msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\shell\open msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4} msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\ = "Microsoft Visual Studio Tools for the Microsoft Office System Loader 1.0 Type Library" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0 msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{31411197-A502-11D2-BBCA-00C04F8EC294}" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\ = "HxRegisterProtocol Class" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{31411197-a502-11d2-bbca-00c04f8ec294}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\ProgID\ = "HxDs.HxFilters.1" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\Programmable\ msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_Classes\Local Settings explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\ = "HxRegistryWalker Class" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{31411197-A502-11D2-BBCA-00C04F8EC294}" msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx\IconHandler msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx\IconHandler\ = "{AB968F1E-E20B-403A-9EB8-72EB0EB6797E}" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID\ = "HxDs.HxFilters" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID\ = "Hxds.HxPlugIn" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294} msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID\ = "HxDs.HxRegister" msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294} msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\FLAGS\ = "0" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\ = "HxParseDisplayName Class" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\ProgID\ = "Hxds.HxPlugIn.1" msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID\ = "HxDS.HxRegisterProtocol" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\ = "HxRegister Class" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{314111d9-a502-11d2-bbca-00c04f8ec294}" msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\Programmable\ msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294} msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\ = "HxPlugIn Class" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\ = "HxSession Class" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\0 msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\ = "HxFilters Class" msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_Classes\Local Settings explorer.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\DefaultIcon\ = "\"%1\"" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{31411199-a502-11d2-bbca-00c04f8ec294}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\PROTOCOLS\Handler\ms-help msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\CLSID = "{314111c7-a502-11d2-bbca-00c04f8ec294}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\ProxyStubClsid32 msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Programmable\ msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}\ msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\Interface\{000C0601-0000-0000-C000-000000000046} msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID\ = "HxDS.HxRegisterSession" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\Programmable\ msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\ProxyStubClsid\ = "{00020424-0000-0000-C000-000000000046}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\edit\command\ = "\"C:\\Program Files\\Common Files\\Microsoft Shared\\OFFICE14\\MSOXMLED.EXE\" /verb edit \"%1\"" msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\DefaultIcon msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\open\command msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\shell\open\command msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\0\win64 msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\FLAGS msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\ = "HxRegisterSession Class" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ = "HxProtocol Class" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\ msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_Classes\Local Settings explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\Programmable\ msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\open msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\ProgID\ = "HxDS.HxRegisterSession.1" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294} msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}\ msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\ProxyStubClsid msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\FLAGS msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\ msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID\ = "HxDS.HxSession" msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx\IconHandler msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4} msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{31411197-a502-11d2-bbca-00c04f8ec294}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\ProxyStubClsid32 msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\0\win64 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\ msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\ msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\TypeLib msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe -
Drops file in Program Files directory 12075 IoCs
description ioc Process File opened for modification C:\Program Files\Mozilla Firefox\xul.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sv\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\RenderingControl.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_hov.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152882.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0297749.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\4.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.swf 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmprph.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msadcer.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8PDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Verve.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\picturePuzzle.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Management.Instrumentation.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\slideShow.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_hail.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00289_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21527_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-execution.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIBUtils.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\desktop.ini 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-favorites.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\fxplugins.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_Country.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\InformationIcon.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_id.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-services.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\java.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00265_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Foundry.xml 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata_2.2.0.v20131211-1531.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00005_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\RSSFeeds.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01545_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0297551.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveNewsletter.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseout.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WWLIB.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-docked.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\about.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\NUMERIC.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0216588.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR6F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdaremr.dll 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-next-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00623_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\DATES.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0103812.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\chrome_200_percent.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\1.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00806_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18211_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\logger\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssLogo.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Hardcover.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0301076.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OMSINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_shared.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\distribute_form.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR2B.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\VeriSignLogo.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePage.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\hy.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\CASCADE.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0171847.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Paper.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GREET11.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WindowsFormsIntegration.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsftp_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-keymap.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RSSITEM.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormToolImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\STUBBY1.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libts_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_disabled.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\OmdBase.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+9 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledbjvs.inc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\fonts\TwemojiMozilla.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\32.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdaprsr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\LICENSE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings_0.10.200.v20140424-2042.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_es.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01635_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Tucuman 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Adobe.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LTHD98SP.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\precomplete 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.CGM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\micaut.dll 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_few-showers.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-8 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Fiji 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0390072.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_chromecast_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21390_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART1.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\TOOLICON.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME-JAVAFX.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00116_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PSRETRO.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL01040_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\deploy\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\10.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_sun.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\classlist 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\InfoPathOM\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_hail.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Port_of_Spain 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+10 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jmx.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Beirut 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.HLP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\adovbs.inc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\1047x576black.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Center 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fy\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcolorthres_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\skchobj.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107494.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_04.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PRRTINST.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01568_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONLNTCOMLIB.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\NamedURLs.HxK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santiago 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00269_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00350_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\WIND.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\ended_review_or_form.gif 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\Network Sharing\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\Visualizations\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-tools.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02464_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10253_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\macroprogress.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado26.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\ConvertUse.DVR-MS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\RELEASE-NOTES.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\MST7MDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18205_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Aqtobe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\1036\MSGR3FR.DLL 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-common.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\orbd.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\settings.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_floating.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309705.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\BCSRuntimeRes.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRLEX.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can03.ths 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Notebook.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME04.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWRECC.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\ColleagueImport.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RSSITEML.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DVA.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\keytool.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Metlakatla 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.DEV_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME55.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\MSSPC.ECF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGMGPUOptIn.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montevideo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090149.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00734_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0088542.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RECS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libequalizer_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\baseAltGr_rtl.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\eclipse_update_120.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-util-enumerations.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_ja.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Class.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msaddsr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14529_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\History.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.security_8.1.14.v20131031.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libstats_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_alignright.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB2B.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BIZCARD.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)grayStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03459_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLV.XLS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left_over.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\BG_ADOBE.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Belgrade 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaTypewriterRegular.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GKWord.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.oracle.jmc.executable.win32.win32.x86_64_5.5.0 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090779.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Discussion.gta 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN058.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XIMAGE3B.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-modules-appui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\WET 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152558.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143744.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCOUPON.DPV 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\icon.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nassau 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00142_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\background.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7FR.dub 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado15.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0332364.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_20_666666_40x40.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcs.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00231_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21448_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Customer Support.fdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\HEADER.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Troll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00084_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceca35.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1254.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00255_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX9.x3d 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\currency.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Luxembourg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285750.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\SBCGLOBAL.NET.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-processthreads-l1-1-1.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187817.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0301252.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\zh-cn.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-attach.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Helsinki 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNote.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN111.XML 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fur\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Malta 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281632.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0287005.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OMSINTL.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0282928.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18253_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OSPP.HTM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\20.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_pressed.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEXBE.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Premium.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IMPMAIL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\WMPSideShowGadget.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187883.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Origin.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.PL.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\main.js 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Filters\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00160_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpshare.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\wsdetect.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR43F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\header.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.RuntimeUi.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\WSS_DocLib.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\currency.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\ieproxy.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-services.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0295069.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\controllers.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\43.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\wsgen.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Xlate_Complete.xsn 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsImageTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNote.gpd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseover.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Shades of Blue.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\apt.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00076_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115844.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Back-48.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\about.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Country.gif 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-ui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152560.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\CLIPART\Publisher\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0292152.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\access-bridge-64.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST5EDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\SUBMIT.JS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLMIME.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\RTC.der 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ne.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrusalm.dat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Martinique 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198025.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ktab.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106222.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152708.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Psychedelic.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Sybase.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14533_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\is\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\uk.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\Xusage.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-execution.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00586_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\TexturedBlue.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.HK.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\EMAIL.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Antigua 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285822.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01746_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Noronha 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01164_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePageScript.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21305_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\CircleIcons.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libedummy_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\dragHandle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MARQUEE.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\stdole.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Srednekolymsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086426.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSPPT.OLB 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Tegucigalpa 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00260_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\BUTTON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\STSLISTI.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text_3.9.1.v20140827-1810.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\dt_socket.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBPQT.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\updater.ini 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\is\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadco.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santa_Isabel 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106020.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Shared24x24ImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\settings.html 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Auckland 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqloledb.rll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107026.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187861.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0235319.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\ACWZDAT12.ACCDU 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\README-JDK.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jvm.hprof.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Palmer 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX8.x3d 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099187.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18230_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME46.CSS 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management-agent.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Currie 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCHKBRD.DPV 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\ShapeCollector.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PAPYRUS.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledbjvs.inc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PPKLite.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Bermuda 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Copenhagen 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02228_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OneNoteSyncPCIntl.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSPUB.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text_3.5.300.v20130515-1451.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-services.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Thimphu 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Slipstream.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\LOOKUP.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPUNCT.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.c 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0304371.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Pushpin.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pohnpei 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-heapdump.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\47.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSCONFIG.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\METCONV.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Tell_City 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libdeinterlace_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-startup.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00732_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\CalendarToolIconImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libps_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\sqlite.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_am.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipssrl.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODEXL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00775_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341561.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EXCEL.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\vlm_export.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\es.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00395_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSRuntime.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NEWS11.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\jnwmon.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_photo_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaw.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-api-caching.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\settings.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\wab32res.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME27.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\gfserrorfromgroove.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Iqaluit 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Custom.propdesc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_mid_over.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libsubsdelay_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Cave_Drawings.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.service.exsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\LICENSE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01750_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\GIGGLE.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSQRY32.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\el.pak 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Photo Viewer\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\PROOF\MSWDS_EN.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\orb.idl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DiscussionToolIconImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\InactiveTabImage.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\ACADEMIC.ONE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400001.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00132_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\HandPrints.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\cpu.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.DEV_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\43.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\CANYON.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CST6CDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178632.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0292278.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Dotted_Line.jtp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODBC.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Tunis 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01173_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.LTS 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Adobe.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02794_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0157763.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MOR6INT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jdb.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Madeira 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01660_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00268_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\tab_on.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBE7INTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jawt.h 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00911_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152568.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.msi 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psmachine.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\meta-index 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodbig.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-multiview.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\settings.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Nairobi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+6 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10301_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsViewAttachmentIcons.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Minsk 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.hyp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATH_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00135_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00170_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00254_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OriginReport.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\boot.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Mawson 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00523_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Auto.jpg 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dushanbe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ust-Nera 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\com.jrockit.mc.console.ui.notification_contexts.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\CLICK.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.CN.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\uninstall.exe 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\an\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png 700a1s0ssssd7da.exe File created C:\Program Files\Windows Media Player\Visualizations\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.lng 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\local_policy.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Menominee 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03236_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\TAB_ON.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Triedit\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\HLS.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\oeimport.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00405_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FORM.JS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_OliveGreen.gif 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_Undocked.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-4 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00211_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\HEADER.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClient.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\PublicFunctions.js 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pa\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_docked.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL095.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Onix32.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMAN.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBOB6.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msadrh15.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs-nio2.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\New_Salem 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsnld.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+7 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_OliveGreen.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-localization-l1-2-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libprefetch_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_down.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00685_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR12F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FEZIP.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090390.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7ge.kic 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ARFR\MSB1ARFR.ITS 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047x576black.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libaribcam_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\3.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msolap100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00426_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB6.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libwgl_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmplayer.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\ARCTIC.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh89 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\currency.data 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\management\jmxremote.password.template 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Sts.css 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\ca.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_fr.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Midway 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105380.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199429.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_italic.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR29B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR3B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00902_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105332.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0183198.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\io.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\jsdbgui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-6 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2ssv.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pt-PT.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Baku 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bahia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03143I.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21413_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN108.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpostproc_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00343_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400002.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_MediumMAsk.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\cpu.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\ImagingDevices.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\imap.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00057_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187893.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ContactPicker.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\xmlrwbin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\reflect.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\handler.reg 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows NT\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\content-types.properties 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\resources\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Engine.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\DELIMR.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\AccessibleHandler.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Norfolk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\content-types.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309920.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00202_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02369_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_choosecolor.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ADO210.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\InfoPathMUI.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Brunei 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_widescreen_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CNFNOT32.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STORYBB.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console_1.0.300.v20131113-1212.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Araguaina 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OFFOWC.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBARBLL.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql2000.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\WMPDMCCore.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04267_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\SUBMIT.JS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\AWARDHM.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\background.gif 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\wa\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\eBook.api 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\sd\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\8.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Marquesas 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTAREA.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FAX\OriginFax.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\BUTTON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_bottom.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Merida 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00169_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14532_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Berlin 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00256_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR46B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-text.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02424_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME21.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmpenc.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\flyout.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\navBack.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zaporozhye 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309902.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN048.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18235_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_docked.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ENFR\MSB1ENFR.ITS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tallinn 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\PicturesToolIconImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\POSTCD11.POC 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-previous-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21304_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thule 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jayapura 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\VideoLAN Website.url 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\VBE6EXT.OLB 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ENVELOPE.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\TAB_OFF.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\vi\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\1033\EEINTL.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105506.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Module.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\GIFIMP32.FLT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\AddToViewArrowMask.bmp 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PROOF\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0234131.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115842.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado25.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fi.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-sendopts.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-spi-actions.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00092_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01701_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_hover.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\settings.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msader15.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107712.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\lt.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\Ole DB\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Mask1.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libparam_eq_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\41.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.war 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Los_Angeles 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Darwin 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01866_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateOnDemand.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\5.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Niue 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Author2String.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VPREVIEW.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\AdjacencyMergeLetter.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdfmap.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341551.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00257_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\chrome.7z 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL087.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\chrmstp.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_selectionsubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241041.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01149_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR47F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.SharePoint.BusinessData.Administration.Client.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffffff_256x240.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt55.ths 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util.gui_1.7.0.v200903091627.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01152_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187895.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\DAO\dao360.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_received.gif 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft.NET\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00411_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0291984.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_underline.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18212_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\InactiveTabImageMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Jujuy 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18210_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\bin\server\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql70.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00046_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01253_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\MemoryAnalyzer.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novosibirsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.SF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-settings.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART13.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\th.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.Contract.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\fa.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105912.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Civic.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\en-US\jnwmon.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveNoDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00077_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200611.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02470U.BMP 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msadox28.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Dublin 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-nodes.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_bottom.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cambridge_Bay 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106124.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_et.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01751_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\updater.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-favorites.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00121_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02028K.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02752G.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_choosefont.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psmachine_64.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Casey 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Couture.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ADD.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL01565_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\NOTEBOOK.HTM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\create_stream.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santarem 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0296279.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00256_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_filter\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.sig 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ie9props.propdesc 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Framework.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_VideoInset.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\spacebackupicons.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpEvMsg.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Rothera 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00333_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00242_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105338.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0384888.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01046J.JPG 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\en-US\OmdProject.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\profile.jfc 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PROOF\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21310_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\40.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Port-au-Prince 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dubai 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00252_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01636_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\SaslPrepProfile_norm_bidi.spp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Dawson_Creek 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+4 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLLIBR.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\UnpublishRename.xlsb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Horizon.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14756_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse_2.1.200.v20140512-1650.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\CT_ROOTS.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00218_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_blu.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\invalid32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00648_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00367_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GRAPH.EXE 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\si\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\en-GB.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-awt_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00158_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107512.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Godthab 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Damascus 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePageSlice.gif 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-dialogs.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Taipei 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Lord_Howe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0196374.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0157831.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\ELPHRG01.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21398_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-container.exe.sig 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Metlakatla 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pitcairn 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-ui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN089.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIDBAR98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\AdjacencyReport.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\huemainsubpicture2.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-7 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00236_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN001.XML 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Folders\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\SONORA.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novokuznetsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18249_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlcese35.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SaveAsRTF.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0251007.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\OutlineToolIconImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL110.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Comments.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Sofia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\settings.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvSOFT.x3d 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.metadataprovider.exsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Metro.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18229_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dts_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBHW6.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\dsn.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01178_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01191_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Mendoza 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\TOC98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-dock.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\ResourceInternal.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Traditional.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\DRUMROLL.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0293832.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21421_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\Accessories\wordpad.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\eu.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_olv.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00555_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Bears.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.DEV_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\JUDGESCH.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libstereo_widen_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\Bibliography\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VeriSign_Class_3_Public_Primary_CA.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\19.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Samarkand 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\sidebar.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_te.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047_576black.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\Microsoft.Office.InfoPath.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00078_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00736_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\main_background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\JSProfilerCore.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodicon.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105530.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SMSL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Settings.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-multitabs.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0202045.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0234376.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\GREEK.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\va.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ENGDIC.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\SOLVER\SOLVER32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\dcpr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Seoul 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Opulent.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0216516.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_altgr.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net_1.2.200.v20120807-0927.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-compat.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-modules-appui.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\1.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\THROAT.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPDESIGN.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPSLAX.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdate.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cancun 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-14 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2launcher.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02166_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\lv\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libh26x_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Tulip.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OSetupPS.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Prague 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199473.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielMergeFax.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02227_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msadcor.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\OmdProject.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CONTACTS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WebToolIconImagesMask.bmp 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00194_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OnLineIdle.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIB.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcor.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_Off.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382968.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\LASER.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\QuizShow.potx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.REST.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\Wkconv.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Antigua 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-11 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105282.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR51B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\La_Paz 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LETTHEAD.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist_jstree.xml 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkHandle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPWEC.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiling.xml 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OutSyncPC.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tongatapu 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.DEV_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcroppadd_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099178.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\kor-kor.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXP_PDF.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledb32r.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator_2.0.0.v20131217-1203.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\VelvetRose.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\default_apps\drive.crx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\LINEAR_RGB.pf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01472_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02267_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\QuestionIcon.jpg 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UCT 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\header.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOHEV.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341448.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00018_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Issue Tracking.gta 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01173_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\subscription.xsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\46.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.DEV_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR35F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OLKIRM.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-outline.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0315612.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcanvas_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.registry_1.1.300.v20130402-1529.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00524_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00942_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SIGN.CFG 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Grid.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libmpg123_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\9.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EntityDataHandler.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\bl.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\fi.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Eurosti.TTF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AccessWeb\RPT2HTM4.XSL 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VC\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00527_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LTHD98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdxva2_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0149887.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_OliveGreen.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\1 Top.accdt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ko\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\EDGE.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Bermuda 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00601_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLAPPT.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageMaskSmall.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\notes-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_win.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zurich 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Sts2.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\jquery-ui-1.8.13.custom.css 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEINTL.DLL 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\msvcr100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluHandle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\PAB.SAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\WSSFilesToolHomePageBackground.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePageScript.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Midway 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\cpyr.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02749U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libremoteosd_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up_BIDI.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\NETWORK.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Luis 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\validation.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\Accessories\WordpadFilter.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_BR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_duplicate_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_m.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Blanc-Sablon 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-options-keymap.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Port_Moresby 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\macroprogress.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipssrb.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee100.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Verve.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0299587.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Stock Quotes.iqy 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\STSLIST.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FiveRules.potx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msdaremr.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182946.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0205466.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\main.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR12F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POSTITS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circle_glass_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Gaza 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01603_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Trek.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_48.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_pressed.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\EVRGREEN.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yerevan 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\trash.gif 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUS\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsplk.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\deploy.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\extensions\VLSub.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_zh_CN.jar 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PULQOT98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\STOCKS.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR15F.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\audiodepthconverter.ax 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chatham 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_pressed.gif 700a1s0ssssd7da.exe File created C:\Program Files\Windows Journal\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\AST4ADT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART14.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libnfs_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\networkinspection.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_snow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\tipresx.dll.mui 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-cli.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00186_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Grid.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_s.png 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ka\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\WMPNSSUI.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18194_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Documentation\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\kaa.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUS\ProPlusWW.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64_3.103.1.v20140903-1947.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01356_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7cm_en.dub 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOSTYLE.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18209_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\MessageHistoryIconImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PICCAP98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Issues.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\spacer_highlights.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.analysis_3.5.0.v20120725-1805.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239063.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21306_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.smil_1.0.0.v200806040011.jar 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\hrtfs\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEEXCL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\Office32MUI.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-3 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper.registry_1.0.300.v20130327-1442.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Northwind.accdt 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_plain_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSQRY32.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\81.0.4044.129.manifest 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\28.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_few-showers.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kamchatka 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21328_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKACC.CFG 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureB.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195772.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18257_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\id.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-explorer.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00438_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONENOTE_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR5F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0136865.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\BUZZ.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OIS.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_48.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\klist.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Monrovia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench_3.106.1.v20140827-1737.jar 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\EXITEMS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Defender\en-US\MpAsDesc.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\PowerPointMUI.XML 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02264_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libhttps_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\RSSFeeds.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00423_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART4.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\EXITEM.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FrameworkList.xml 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00783_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msmdlocal.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\COPYRIGHT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di_1.4.0.v20140414-1837.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4.ssl_1.0.0.v20140827-1444.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Verve.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanPhotoAlbum.potx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Edmonton 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00673L.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsPreviewTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\liblogo_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099181.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02062U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\Analysis\FUNCRES.XLAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CATALOG.DPV 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Triedit\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00799_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03257_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02417U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_top.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guadalcanal 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02957_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\BOMB.WAV 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\FAX\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WINWORD.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ps_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-awt.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OCRVC.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BIZFORM.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_btn-back-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Helsinki 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSORES.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Danmarkshavn 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LABEL98.POC 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\nb\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Creston 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0098497.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\SNET.NET.XML 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCAL.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PNCTUATE.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateCore.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Luna.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_shmem.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0237759.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendtoOneNoteFilter.gpd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ospintl.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\setup_wm.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt32.clx 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaSansDemiBold.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_basestyle.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Country.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\AFTRNOON.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OARTCONV.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\WSS\107.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00454_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Executive.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_few-showers.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Brisbane 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCDDSLM.DLL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sv\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Shared Gadgets\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-multibyte-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\02_frenchtv.luac 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\1.0\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\th.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_it.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Solstice.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_left_over.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core_0.10.100.v20140424-2042.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-coredump.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00608_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Austin.eftx 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\FORMS\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_underline.gif 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_rainy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_travel_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cayman 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02958_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15173_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\crashreporter.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssLogo.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151067.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200521.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14833_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\appletrailers.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0230553.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\LightSpirit.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CROATIAN.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152590.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_description_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansRegular.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Monterrey 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpcore_4.2.5.v201311072007.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PICSTYLES.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_xml.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libddummy_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\PST8PDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02862_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Adjacency.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21315_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Belem 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vevay 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00042_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0158071.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceDaYi.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WebToolImages16x16.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormToolImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_italic.gif 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\uz\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-delete.avi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_notes.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107342.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CMNTY_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.HOL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\da.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore_2.10.1.v20140901-1043.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15023_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\background.gif 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\az.txt 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02069J.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ogalegit.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ba.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\title_stripe.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\local_policy.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ff\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santiago 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STORYVERTBB.DPV 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ja\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Roses.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01084_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0234000.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0212701.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libkaraoke_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00965_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0237336.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14868_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jconsole.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01772_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_LightSpirit.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Niue 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\rjmx.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\README.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESNS.ICO 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\el\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.LIC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\JOURNAL.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\highlight.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\DBGHELP.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCAL.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ENGLISH.LNG 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kamchatka 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00192_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Technic.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\InformationIconMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\logo.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Form.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01329_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15057_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Maroon.css 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14539_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\splashscreen.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382939.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18250_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\WebKit.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.continuation_8.1.14.v20131031.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\BUTTON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\RTFHTML.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\settings.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ComponentModel.DataAnnotations.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmlaunch.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\highDpiImageSwap.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins_1.1.200.v20131119-0908.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Gaza 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SegoeChess.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02312_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsPrintTemplate.html 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows NT\TableTextService\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EMSMDB32.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Stationery\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\10.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\7.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\adcjavas.inc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tokyo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD08868_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01183_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145879.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00097_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Trek.xml 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-highlight.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Beulah 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.sig 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_lg.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\bg_sidebar.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Paramaribo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099165.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECRECS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Hand Prints.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\unpack200.exe 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kiritimati 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\JUNGLE.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_150.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Module.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-util-enumerations.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152430.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02291U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\grayStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_de_DE.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOUC.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Setup.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\HST 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105588.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239935.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR30F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\javacpl.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00146_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Executive.eftx 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\requests\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.util_8.1.14.v20131031.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cayenne 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02758U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR4B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-modules.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\COUPON.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\RESUME.DPV 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FRAR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-next-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\jsdebuggeride.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02759J.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALSO11.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Orange Circles.htm 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\sound.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00633_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\day-of-week-16.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241781.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Edmonton 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02075_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR19F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\INDOMAIN.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-correct.avi 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VGX\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_socket.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\updater_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\crashreporter-override.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VS_ComponentSigningIntermediate.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sk\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\1033\FPEXT.MSG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msado21.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\calendars.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01154_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\Install\{790FB95E-131F-4B1A-93CD-438F382AB794}\81.0.4044.129_chrome_installer.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Lisbon 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01838_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME15.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmap.exe 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0212661.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\skins\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\TextFile.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPDMCCore.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jce.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00636_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10299_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\CASCADE.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk_1.0.300.v20140407-1803.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\VERSION.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NAVBARV.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SOCIALPROVIDER.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WNTER_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_hyperlink.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-process-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7zCon.sfx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\VERSION.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_TW.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_gloss-wave_35_f6a828_500x100.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Routing.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105336.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_few-showers.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\numbase.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-options.xml_hidden 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pt-BR.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\DiagnosticsHub_is.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-io-ui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Concourse.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Csi.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BORDERBB.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LABEL.DPV 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\gl\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0171685.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216874.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\license.html 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\MST7 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpCmdRun.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\ContentDirectory.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0183172.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215076.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382927.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME44.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\FindConfirm.dot 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jfxrt.jar 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Portal\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MAPIPH.DLL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\browse_window.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_windy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\BOLDSTRI.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\diagnostic-command-16.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GreenTea.css 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libprojectm_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-charts.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\PYCC.pf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pitcairn 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_disabled.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00482_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01743_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Hierarchy.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\9.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\FlickAnimation.avi 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ENFR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01148_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME02.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\3difr.x3d 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0298653.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR22F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\meta\reader\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PPINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.config 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javap.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\launcher.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.RSA 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\calendar.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST7MDT 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fr\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382931.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02503U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Microsoft.Office.Infopath.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02423_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Contacts.accdt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\de\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Trek.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\OMSSMS.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.JS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\DELETE.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Indianapolis 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher_1.1.0.v20131211-1531.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00014_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR43B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\bg_sidebar.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_issue.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00116_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\DataServices\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\34.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\utilityfunctions.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONENOTEMANAGED.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WSIDBR98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\SATIN.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jfxwebkit.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART8.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\QP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\IA32.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\WPGIMP32.FLT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21481_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\charsets.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Vancouver 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382961.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\skin.catalog 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\eclipse.inf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libcaca_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_sun.png 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Documentation\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\instrument.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.sun.el_2.2.0.v201303151357.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00248_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\IMAGE.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\SketchIconImages.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsFormTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SPANISH.LNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdtv_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\ielowutil.exe 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Pyongyang 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195428.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.UNT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)grayStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfont.properties.ja 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Median.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_Loading.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)alertIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\CHIMES.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-time-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mousedown.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBREF.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBSBR.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WORDIRMV.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\VBAJET32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\boot_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00687_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR51B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\console_view.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIGN.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\24.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewFrame.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN107.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\eqnedt32.exe.manifest 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\XmlFile.zip 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Africa\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR25F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\VIEW.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_TexturedBlue.gif 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\RMNSQUE.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui_5.5.0.165303.jar 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00305_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00935_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new_partly-cloudy.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Smart Tag\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Adelaide 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\amd64\jvm.cfg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03795_.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-execution_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00247_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00392_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALENDAR.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\he\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\am.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00172_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TAIL.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SlateBlue.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\SNEEZE.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02253_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Premium.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ro.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00234_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx264_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmic.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.core_2.3.5.v201308161310.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00532_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIDEBARBB.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\HEADER.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPUNCT.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\de.pak 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-ui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Bishkek 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Pontianak 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\Access\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\WidevineCdm\manifest.json 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\java_crw_demo.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21324_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsPrintTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsMacroTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libvpx_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdate.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Bucharest 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.xml_1.3.4.v201005080400.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Amman 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10335_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.VisualC.STLCLR.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POSTITL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\lv.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\klist.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vincennes 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18187_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\mip.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\StarterNotificationDescriptors.xml 700a1s0ssssd7da.exe File created C:\Program Files\WindowsPowerShell\Configuration\Schema\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241773.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14792_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR33F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libantiflicker_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.SYD 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\INDUST.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02270_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\button-highlight.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099170.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\jnwppr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\connectionmanager_dmr.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cuiaba 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\1033\OFFICE10.MML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382967.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\RE00006_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00486_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGSIDEBRV.XML 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\Ole DB\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-image-inset.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\203x8subpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-print.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_flyout.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hebron 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195342.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SplashScreen.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\11.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD07831_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGACCBAR.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\Accessible.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\DvdTransform.fx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_select-highlight.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\720x480icongraphic.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\America\Indiana\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows NT\Accessories\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Grand_Turk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099150.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_INIT.XSN 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01063_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\misc.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\MOFL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\1047x576black.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\tools.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-dialogs_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pe.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00234_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107358.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18234_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR47F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Enderbury 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3_0.12.0.v20140227-2118.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\rockbox_fm_presets.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152894.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00330_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR44F.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychartplugin_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\javafx-iio.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Manila 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\br.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GreenTea.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Juneau 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090777.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0384862.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB01741L.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Moncton 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099176.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FBIBLIO.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\CANYON.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tripoli 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OriginResume.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\libEGL.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Folder-48.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Orange Circles.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01245_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143753.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10254_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\sqmapi.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_foggy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.server_8.1.14.v20131031.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSACC.OLB 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\UKRAINE.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceAmharic.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1031\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net_1.2.200.v20140124-2013.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME41.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWRECE.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PUBWIZ\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile16.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\alert_obj.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Stockholm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00345_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_FormsHomePageBlank.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme_0.9.300.v20140424-2042.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macHandle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Christmas 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00361_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Sand_Paper.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\SUMIPNTG.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\sawindbg.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tahiti 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02950_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Formal.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.MX.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\wab32res.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR50B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKREQ.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_GreenTea.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\COPYING.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143749.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Urban.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15155_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-imageMask.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunjce_provider.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\London 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\CST6 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_disabled.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielReport.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libimem_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng.hyp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\MSCONV97.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Windhoek 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid_disable.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OFFRHD.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveMergeLetter.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DVDHM.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00668_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REPORT.CFG 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Library\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Connectivity.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-lib-uihandler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Cape_Verde 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSSOAP30.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\management.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00726_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281008.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIconImages.jpg 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\wab32.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Modern.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Aspect.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15059_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\AXIS.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\jvm.cfg 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\uk\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceqp35.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_de.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-plaf.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14829_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGSTORY.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CharSetTable.chr 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_decreaseindent.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\NewProtect.M2V 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Services\verisign.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.configuration_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382925.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Winamac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0090070.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01629_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\RADIO.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libbluescreen_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipTsf.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Khartoum 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mazatlan 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-text.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04174_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jrunscript.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guyana 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105250.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02743G.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Sts2.css 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\mk.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_buttongraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Almaty 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01235U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EntityPickerIntl.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLPERF.H 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\DLGSETP.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-views.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\AST4 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105600.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0290548.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STORYVERTBB.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ProjectStatusReport.potx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\adobepdf.xdc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\EXPEDITN.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02214_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLINTL32.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7es.kic 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\km\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-bootstrap.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_CN.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086432.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03331_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\visualization\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\drag.png 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jvisualvm.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLTASK.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNoteSyncPC.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105504.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02791_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\15.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198226.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Sort\YEAR.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mraut.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Magadan 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.runtime_0.10.0.v201209301036.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0089945.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTVIEW.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\en-US\Sidebar.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\25.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\RADIAL.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152622.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0217872.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382930.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0240175.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14530_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Generic.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_all.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_extended.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pkeyconfig.companion.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\java-rmi.exe 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\ImagingEngine.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Anadyr 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0183574.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-runtime-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kosrae 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ApothecaryNewsletter.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\12.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msmdsrv.rll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18197_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR49B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XOCR3.PSP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\eo.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msadox.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhds_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\en-US\MpEvMsg.dll.mui 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\SDK\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-border.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passportcover.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\libxslt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Wordconv.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Earthy.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\BG_ADOBE.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Windows Mail\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcfr.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ashgabat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195254.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00478_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15272_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\applet\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPOLK.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tipresx.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\init.js 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)greenStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CLVIEW.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DATETIME.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SAMPLES\SOLVSAMP.XLS 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jconsole.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\org-openide-filesystems.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvm.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\rss.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\PNG32.FLT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans_1.2.200.v20140214-0004.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGTOC.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\MedianMergeLetter.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\AddIns.store 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\WTSP61MS.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Bougainville 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04225_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.RuntimeUi.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00564_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ar.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\RequestDisconnect.php 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL.IDX_DLL 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBlue.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+6 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdasc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\81.0.4044.129\81.0.4044.129_chrome_installer.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\29.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\22.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Knox 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215709.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\3082\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00095_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Country.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\daisies.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00814_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_a52_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\hprof.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Microsoft.Office.Infopath.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00428_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\msdbg2.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base_4.0.200.v20141007-2301.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR22F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\MEIPreload\manifest.json 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over_BIDI.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\CoolType.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\VisualElements\LogoCanary.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Oslo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VeriSign_Class_3_Code_Signing_2001-4_CA.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\MENUS.JS 700a1s0ssssd7da.exe File created C:\Program Files\MSBuild\Microsoft\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.mshtml.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107724.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182689.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02051_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18199_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576black.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.ssl_1.1.0.v20140827-1444.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00526_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PUBBA\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_TW\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroTextExtractor.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_ring_docked.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14753_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14755_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_SlateBlue.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsMacroTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0315580.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02437_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLLIBR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_concat_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OCRHC.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\glow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART3.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\DELETE.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libchain_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\WidevineCdm\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196142.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14513_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsVersion1Warning.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\30.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ARFR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Composite.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FORM.JS 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_floating.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\OFFICE10.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSN.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_m.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-applemenu.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Black Tie.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21336_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\MEDIA\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\el.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yakutat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONPPTAddin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Address.accft 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL081.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BS4BOXES.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SHAREPOINTPROVIDER.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_zh-CN.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\EXPEDITN.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP.bat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21365_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLSLICER.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Waveform.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR41F.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hy\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\PhotoAcq.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\CompareInitialize.m4a 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Rio_Gallegos 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-fallback.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216612.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+2 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107158.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151047.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14871_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105520.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLMAILR.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Defender\MsMpLics.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\sonicsptransform.ax 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-progress-ui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00274_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\CAGCAT10.MMW 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Syowa 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\msolap100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SETLANG.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\nss3.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penkor.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psuser_64.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hovd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107364.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01240_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OFFREL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Stockholm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0315447.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0251301.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectStatusIcons.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBHD.DPV 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\bg\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-5 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105410.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Framework.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceDaYi.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDREQ.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libvod_rtsp_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Microsoft.VisualStudio.Tools.Applications.DesignTime.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\MDIParent.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\auxbase.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbynet.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives_1.1.100.v20140523-0116.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00116_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Off.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudiobargraph_a_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg_orange.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\npdeployJava1.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01298_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\FONTSCHM.INI 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART7.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\DataSet.zip 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Portable Devices\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\WordMUI.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\WPFT532.CNV 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\manifest.json 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libcdda_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_stats_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00021_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0313974.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18221_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_windy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\eclipse.inf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MST7MDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01157_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153273.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01166_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10256_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\modules\host.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libposterize_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin_2.0.100.v20131209-2144.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jvm.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\wxpr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Whitehorse 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Macquarie 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105306.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02404_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\msmgdsrv.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.Xml.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass_lrg.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mshwLatin.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01143_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10268_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\JUNGLE.HTM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Routing.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\ffjcext.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01630_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_mr.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SettingsInternal.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_hail.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh89 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02187_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_choosecolor.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_thunderstorm.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21480_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\OneNote\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\13.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierWindowMaskRTL.bmp 700a1s0ssssd7da.exe File created C:\Program Files\MSBuild\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\IA2Marshal.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libnormvol_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tabskb.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sao_Paulo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01179_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18191_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\warning.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00092_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0183174.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_hail.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\msadc\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui_4.0.100.v20140401-0608.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_win7.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tehran 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\builtincontrolsschema.xsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LABEL.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\Analysis\ANALYS32.XLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadox28.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\SPRING.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\classes.jsa 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105638.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javaws.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21366_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\chrome.exe.sig 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153087.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME31.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-annotations-common.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\tnameserv.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fontconfig.bfc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Reunion 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\invalid32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Warsaw 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR2B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\cli.luac 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AboutBox.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yakutsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01161_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange.css 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\SAMPLES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Groove.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx26410b_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaSansRegular.ttf 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\SystemV\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02810J.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PPINTL.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341554.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00685_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\derby_common.bat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_winxp.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sampler.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309664.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.servlet_3.0.0.v201112011016.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-oql.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiBold.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21433_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\keytool.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_LinkDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_REVIEW.XSN 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDisableDownArrow.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\meta-index 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libball_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.hsp 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\4.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\tzmappings 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02024_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmjpeg_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\DiagnosticsTap.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01761_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02125_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0298897.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR1B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\2 Top.accdt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\th\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\cpu.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwruksh.dat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jinfo.exe 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Resources\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0233512.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\PipelineSegments.store 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\MUSIC_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\BodyPaneBackground.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_snow.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Chagos 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Tirane 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN090.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-windows.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sampler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_02.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107514.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0238927.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01219_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Angles.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00914_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01080_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Waveform.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0233312.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0304933.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FORM.JS 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Data1.cab 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15034_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\id\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_pressed.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198494.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00560_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcc_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Beulah 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00688_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153302.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdaremr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\glass_lrg.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\1 Right.accdt 700a1s0ssssd7da.exe File created C:\Program Files\WindowsPowerShell\Configuration\Registration\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_uk.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\16-on-black.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-snaptracer.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Boise 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Vostok 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessData.xml 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\RSSFeeds.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\SplashImageMask.bmp 700a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\defaults\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Hierarchy.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7Data0011.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BANNER.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmprph.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_06.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01569_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_SlateBlue.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.DEV_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.Design.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Andorra 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Oriel.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\TURKISH.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcer.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup-impl.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\MMHMM.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_config_window.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.hyp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152626.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18232_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKACCL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng32.clx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00898_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR7F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MLCFG32.CPL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroBroker.exe 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\logs\maintenanceservice-install.log 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Troll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+10 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10219_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PROOF\3082\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Mendoza 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01268_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsita.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\THMBNAIL.PNG 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01473_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0205582.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\1px.gif 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_sv.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01218_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00686_.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\7-Zip\Lang\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Shorthand.emf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0292286.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01468_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Windows Photo Viewer\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt_3.103.1.v20140903-1938.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR4F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePageStyle.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libau_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\msproof7.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanMergeLetter.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Engine.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\1047x576black.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME24.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02278_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\1033\CAGCAT10.MML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0234657.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\info.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\instrument.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00453_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00526_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\Attachments.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santo_Domingo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04385_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00726_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10297_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185818.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02169_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE05665_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.Runtime.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.WW\Office32WW.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-overlay.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jce.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File created C:\Program Files (x86)\MSBuild\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115835.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\ADMPlugin.apl 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\msdatasrc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200279.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00390_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN02559_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpClient.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as90.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\LimitExit.iso 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcf.dll 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\BORDERS\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.SE.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\HEADINGBB.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.rst 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\INVITE.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\mpvis.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02417_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Oriel.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21375_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14768_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32Info.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qyzylorda 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-attach.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME37.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-5 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00038_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_es.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\OneNoteMUI.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Cordoba 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Khandyga 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\TRANSMGR.DLL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can32.clx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02028_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLYER98.POC 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\logsession.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsptb.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEWSTR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.REST.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledbvbs.inc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OMML2MML.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FORM98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Other-48.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_hov.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-ImageMask.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.policy 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199036.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKREQL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penchs.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\oledb32r.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPSideShowGadget.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\30.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUI.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0250997.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0299125.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287643.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18222_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\mozavcodec.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\jaccess.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0157191.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00004_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01265U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_On.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\SKY.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PDDom.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_left.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\library.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\javafx.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\README.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0302953.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01123_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\BUTTON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR15F.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\da\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\IpsMigrationPlugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-spi-actions.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Godthab 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00462_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR11F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)notConnectedStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\VisualElements\Logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Noronha 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105386.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105496.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATH_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\play-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CRANE.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152696.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01330_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Origin.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zh_TW\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee90.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382948.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1049\hxdsui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-print.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01174_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-BoldIt.otf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEDAO.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceArray.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0174952.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00221_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\LoginDialogBackground.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Office Word 2003 Look.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\menu_style_default_Thumbnail.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\.lastModified 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy.jar 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\weather.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02134_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21435_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21323_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_70.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL107.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.stdformat.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rainy_River 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Chatham 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BDRTKFUL.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\platform.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-lib-uihandler.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0183290.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10266_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\settings.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\ShadesOfBlue.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Khandyga 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jvm.lib 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\attention.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04323_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03466_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\az\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_down.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\rtstreamsink.ax 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-progress.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ust-Nera 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02068_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00183_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libtta_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dili 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.jdp_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jsound.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Uninstall Information\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02198_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\currency.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-9 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Rio_Gallegos 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\de.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OIS_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKUPD.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Audio-48.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsBlankPage.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7fr.kic 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdiracsys_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_cs.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chihuahua 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0251925.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REMOTEL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESTL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\21.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha2.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0289430.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME29.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Wrinkled_Paper.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pipres.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPAPERS.INI 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\validation.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.ES.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPTICO.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_ko.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04355_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107496.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_browser.gif 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Defender\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rankin_Inlet 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185778.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fa\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Status.accft 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Graph.jtp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_ca.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_de.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0148757.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSGR3ES.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18245_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\reader\filename.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Phoenix 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Athens 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kosrae 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00352_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PSTPRX32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libmarq_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\JPEGIM32.FLT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\pop3.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicHandle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-progress.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmpconfig.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\WMPDMCCore.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libgestures_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\settings.js 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\America\Argentina\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00010_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0150861.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152690.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-desk.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\babypink.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Lindeman 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02269_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\WHOOSH.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02386_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18204_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME43.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\BCSAddin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-heapwalker.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\meta-index 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\msmdlocal.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hardware Tracker.fdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_left_over.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_bullets.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\vlc-48.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02466U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01839_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR35F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zx______.pfm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\Timeline.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\flight_recorder.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-options_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151073.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextService.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jsse.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099156.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\PhotoBase.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Palmer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198021.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUB6INTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\logo.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.FLT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsdan.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureA.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00231_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONWordAddin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadce.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ashgabat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.change_2.10.0.v20140901-1043.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\settings.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TaxonomyControl.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmpnssci.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile16.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\resources.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\El_Aaiun 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactLow.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileHigh.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ClassicPhotoAlbum.potx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1AR.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18228_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_VelvetRose.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\PublicFunctions.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_choosecolor.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\3082\hxdsui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\QUAD.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00687_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01163_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105266.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUS\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macGrey.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293238.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SlateBlue.css 700a1s0ssssd7da.exe File created C:\Program Files\Windows NT\TableTextService\en-US\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbytools.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00270_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NAMECONTROLSERVER.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBSBR.DPV 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annots.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OWSSUPP.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\d3dcompiler_47.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02066_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\soundcloud.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\WinMail.exe 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.bfc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGLINACC.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106146.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\ManagedObjects\SignedManagedObjects.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\sd\icecast.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\mshwLatin.dll.mui 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OSETUP.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\jfluid-server.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Thule 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Document Parts\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Maroon.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\HAMMER.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_en.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198447.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01221K.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Composite.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Urban.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\jsprofilerui.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_TexturedBlue.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\plugin.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\New_York 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kathmandu 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Composite.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7tk.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL077.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Students.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadds.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Palau 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105298.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Earthy.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vienna 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107734.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Monrovia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\InfoPathWelcomeImage.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Casablanca 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ant-javafx.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-settings.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0234266.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_Earthy.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR7B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPOlive.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Andorra 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00914_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0149627.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateSetup.exe 700a1s0ssssd7da.exe File created C:\Program Files\Windows Portable Devices\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.Adapter.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Analysis Services\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\AUTOSHAP.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXPTOOWS.XLA 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\HORN.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Checkers.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSLaunch.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\CodeFile.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guayaquil 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR50F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmpnssci.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281243.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0305493.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7en.kic 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.exe.sig 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\javafx.policy 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199609.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00728_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Flow.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPSRVUTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EET 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-settings.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200383.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOInstallerUI.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\javafx-mx.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01237_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\D3DCompiler_47.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Aqtau 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\liveleak.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libadpcm_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\avtransport.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\MINUS.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB10.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SLERROR.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Vancouver 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.800.v20140827-1444.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HTECH_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\SWBELL.NET.XML 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\Install\{790FB95E-131F-4B1A-93CD-438F382AB794}\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-favorites.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01299_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Windows NT\Accessories\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Earthy.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VISSHE.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sendopts.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21296_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Thatch.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02756U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\codec\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\7.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00308_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadce.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jli.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Broken_Hill 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00273_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105360.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vevay 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\GlobeButtonImageMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceer35EN.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\notification_helper.exe 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\COMPASS.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7Lexicons0011.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh88 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185798.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10264_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTORE.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-options-api.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\org-openide-filesystems_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\release 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Port-au-Prince 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PROOF\1036\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\swiftshader\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OISAPP.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WORDICON.EXE 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\packetizer\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-awt.xml 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18206_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\spacebackupiconsmask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-BoldOblique.otf 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18220_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15061_.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Internet Explorer\SIGNUP\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Salta 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04206_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00798_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00018_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\BOLDSTRI.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\fieldswitch.ax 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-over-DOT.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.jobs_3.6.0.v20140424-0053.jar 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\pdmproxy100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01770_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\IPDSINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OutDomain.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.shell_0.10.0.v201212101605.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.app_1.3.200.v20130910-1609.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\COPYRIGHT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\status.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-split.avi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_kor.xml 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Buenos_Aires 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\D3DCompiler_47.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_choosefont.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ar.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Majuro 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\YST9 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.SF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0089992.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\Presentation Designs\Maple.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONLNTCOMLIB.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\omni.ja 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_pt_BR.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\javaws.policy 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBOXES.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Perspective.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.Design.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\PHONE.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00015_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\pl.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)grayStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0174315.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\nacl_irt_x86_64.nexe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\Microsoft.Ink.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstat.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javafx.policy 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Recife 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107090.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01242_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCHKBRD.XML 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\RICHED20.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Manila 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayman 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Curacao 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\vdk150.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Marketing Projects.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\Synchronization.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\doclib.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02298_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0172067.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14578_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Defender\MpOAV.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\0.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_increaseindent.gif 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.en\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14514_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Newsprint.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\ml.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo.bat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dhaka 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00052_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099205.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0313965.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLFLTR.DAT 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\ado\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\en-US\msader15.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Essential.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Module.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSRTEDIT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\20200430125146.pma 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mshwgst.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00372_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBBTN.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Flash.mpp 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\81.0.4044.129\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FPERSON.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\include\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00168_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDownArrow.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WPULQT98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.DirectoryServices.AccountManagement.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdaosp.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099154.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Apex.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTORE_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Person.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR48B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.DEV_COL.HXT 700a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\fonts\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-attach.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Brussels 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02208U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Thatch.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FAX\EquityFax.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CARBN_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR50B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\chrome_100_percent.pak 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\offset.ax 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PS2SWOOS.POC 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\EQUATION\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Karachi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099185.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENVELOPE.XML 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086384.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_snow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\1px.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\MMSS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Shorthand.jtp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\31.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hu.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\pt-br.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE01661_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0215086.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\EXPLODE.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Waitcursor.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACER3X.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.properties.src 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository_1.1.300.v20131211-1531.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\PREVIEW.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor_1.0.300.v20131211-1531.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR18F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstatd.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01586_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\mr.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB7.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0103058.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00633_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Shared24x24Images.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\MeetingIcon.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-desk.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\activity16v.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\JOURNAL.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+3 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\TAB_OFF.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\msadc\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Araguaina 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoViewer.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\RM.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-favorites.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\meta-index 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00272_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01252_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Sort\TITLE.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libsid_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_bn.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_docked.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\mix.gif 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-plaf.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00390_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_LightSpirit.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN011.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Wordcnv.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\WMPMediaSharing.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PAPYRUS.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_03.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME42.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Groove.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_VideoInset.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInTray.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0174639.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01680_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR46F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\default_apps\docs.crx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\LightSpirit.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02073_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR43F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsdeu.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\w2k_lsa_auth.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297727.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00792_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECRECL.ICO 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.xmi_2.10.1.v20140901-1043.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02405_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Response.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\SIST02.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ZoomIcons.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EquityReport.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00452_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\management-agent.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESNL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libyuv_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\DVDMaker.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\glass.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Brussels 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePageBlank.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MENU.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\npvlc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Srednekolymsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14691_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR38F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\GostTitle.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\xlsrvintl.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_shout_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtospdif_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Real.mpp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01562U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.AU.XML 700a1s0ssssd7da.exe File created C:\Program Files\Windows Media Player\Skins\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-progress-ui.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\policytool.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00050_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.NZ.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FDATE.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_highlights_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PRTF9.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\osknumpadbase.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\VBE7.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21338_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-ui.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21377_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ASCIIENG.LNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\MP00646_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPreviewTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libadf_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmpnetwk.exe 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SMSS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\CAGCAT10.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15184_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REC.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\TAB_OFF.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Anchorage 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Montevideo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200377.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Essential.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PICTPH.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rio_Branco 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00407_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PSRCHLEX.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME28.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\gu.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185828.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382954.JPG 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\12.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Catamarca 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.ds_1.4.200.v20131126-2331.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-explorer.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\OrangeCircles.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_On.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-queries.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NEWSHM.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\setup_wm.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00433_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE01160_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00157_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CURRENCY.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\OFFICE10.MMW 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSAutogen.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Lindeman 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WING2.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\11.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152884.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199755.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libsubtitle_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\ado\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\calendars.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-charts.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\adodb.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\2052\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0233070.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7FR.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveLetter.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21337_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7wre_en.dub 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sr\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\deployJava1.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21333_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\buttons.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_sml.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Etc\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsDoNotTrust.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\setup_wm.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01242_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101864.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MsMpLics.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Windows NT\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\Proofing.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.config 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239057.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsdl_image_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105272.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SLINTL.DLL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\vi\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00440_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182898.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libchorus_flanger_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1251.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\RSSFeeds.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdfmap.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Salta 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_center.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187921.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WITHCOMP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XPAGE3C.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\6.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\be.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107344.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0301480.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR24F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-spi-quicksearch.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01358_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00531L.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZY______.PFB 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBCOLOR.SCM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Teal.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpuzzle_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\FLTLDR.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01491_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Opulent.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0212957.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKDEC.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\NOTEBOOK.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine_2.3.0.v20140506-1720.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-modules.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01066_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00126_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\PhotoViewer.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_iw.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0280468.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14515_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\LAUNCH.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.codec_1.6.0.v201305230611.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-util-lookup.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151063.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187819.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqlxmlx.dll 700a1s0ssssd7da.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Internet Explorer\en-US\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDRESP.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_LightSpirit.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\librss_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\THANKS.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\plugin2\msvcr100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CRANINST.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195260.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD_COL.HXC 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\EmptyDatabase.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.expressions_3.4.600.v20140128-0851.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00139_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0286068.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsBrowserUpgrade.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDRESN.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPQUOT.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\MedianLetter.Dotx 700a1s0ssssd7da.exe File created C:\Program Files\WindowsPowerShell\Modules\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\slideshow_glass_frame.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\kk.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-iio.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.annotation_1.2.0.v201401042248.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jli.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14582_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ca\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\es.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InputPersonalization.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090781.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\bdcmetadataresource.xsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\NOTES.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Esl\AiodLite.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\36.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_alignleft.gif 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\access\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_notes-txt-background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281630.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00670_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR20F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21319_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CGMIMP32.HLP 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGZIPC.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\Common.fxh 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\WindowsAccessBridge-64.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicTSFrame.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Colombo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\TAB_OFF.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_zh_CN.jar 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Baghdad 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400005.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\twitch.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15171_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\CALENDAR.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\it\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\SUMIPNTG.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_preferencestyle.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00006_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0301418.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Blanc-Sablon 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsnor.xml 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_LinkNoDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-1 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACWIZRC.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfo.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_rainy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveReport.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00200_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15134_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\SAVE.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN022.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mauritius 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0102984.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145810.JPG 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_splitter\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\sRGB.pf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR36B.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\1.3.35.452\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Lima 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_few-showers.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\master_preferences 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\ReachFramework.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0278882.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\UserControl.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler_1.2.0.v20140422-1847.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECURE.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\AXIS.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02400_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\OutofSyncIconImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.json 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0157995.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN065.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\PAWPRINT.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\index.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\MSB1ESEN.ITS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msado26.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01184_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00640_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libvnc_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_snow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FORM.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_dummy_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnssui.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Sakhalin 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03453_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00610_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Fancy.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InkDiv.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\Analysis\PROCDB.XLAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\SignHere.pdf 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR32F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\micaut.dll 700a1s0ssssd7da.exe File created C:\Program Files\Internet Explorer\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00297_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR35B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierBackground.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\ZoneInfoMappings 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPTIRM.XML 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Temp\GUM3C25.tmp\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Synchronization Services\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielResume.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107302.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKDECS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN096.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\STRTEDGE.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxwebkit.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\ReadMe.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Caracas 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0172193.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198020.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02752U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Tanspecks.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-previous-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Colombo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-explorer.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0300912.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdcp_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\MEIPreload\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\ODBCR.SAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\Microsoft.Office.Infopath.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBBTN.XML 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\Download\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kathmandu 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00319_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB1B.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_srt_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-next-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_rgb.wmv 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_WMC_LogoText.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\weather.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01236_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MAPISHELL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-vertical.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\gu.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DissolveNoise.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_matte.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.password.template 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ckb\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw32.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator_3.3.300.v20140518-1928.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sa.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr\profile.jfc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME40.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\ContactSelector.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OSETUPUI.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunmscapi.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01179J.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285698.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Monaco 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01434_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInAcrobat.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSClient.Msg.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CONTACTINFOBB.DPV 700a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher_1.3.0.v20140911-0143.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-search.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01157_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\it.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msmdsrv.rll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\dailymotion.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseover.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\YST9YDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLYER.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPEDITOR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\dependentlibs.list 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.core_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD09664_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00076_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153299.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0197979.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\telnet.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpAsDesc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-6 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107490.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\slideShow.js 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missionco