Analysis
-
max time kernel
127s -
max time network
34s -
platform
windows7_x64 -
resource
win7 -
submitted
29-07-2020 07:17
Static task
static1
Behavioral task
behavioral1
Sample
6D12547772B57A6DA2B25D2188451983.bin.dll
Resource
win7
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
6D12547772B57A6DA2B25D2188451983.bin.dll
Resource
win10
windows10_x64
0 signatures
0 seconds
General
-
Target
6D12547772B57A6DA2B25D2188451983.bin.dll
-
Size
111KB
-
MD5
6d12547772b57a6da2b25d2188451983
-
SHA1
53af601afa0b69c771255a61559365cb34f72b8b
-
SHA256
52888b5f881f4941ae7a8f4d84de27fc502413861f96ee58ee560c09c11880d6
-
SHA512
859e3e0d91c3f9fb157e438c7c6f091fe861e4bb1a2ad17f130a7f846fbde09959d63c605c6c1ac3697d4ad07ccd3ca457e103382867db7b41b40429e74c4d32
Score
10/10
Malware Config
Extracted
Path
C:\Users\Admin\Desktop\HowToDecrypt.txt
Ransom Note
All data on your pc were encrypted with strongest encryption method.
The only way to get your data back is to purchase unique key for you.
* You can get cheaper price if you contact us as soon as possible. *
After three days from now, it will be difficult to recover your data.
Good Luck.
contact following address:
[email protected]
[email protected]
Signatures
-
Stops running service(s) 3 TTPs
-
Drops file in Program Files directory 10866 IoCs
description ioc Process File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0301050.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\RICEPAPR.ELM rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Wake rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Aqtau rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Text.zip rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0227419.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02296_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.exe rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\OUTEX.ECF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-progress.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-output2.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_s.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME22.CSS rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Port_Moresby rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199279.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00018_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00513_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\instrument.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Hermosillo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\HEADER.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\date-span-16.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Composite.xml rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_content-background.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\picturePuzzle.js rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14531_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-api.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107192.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLINTL32.DLL.IDX_DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\currency.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR45F.GIF rundll32.exe File opened for modification C:\Program Files\Windows Journal\Templates\Genko_2.jtp rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-bullet.png rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrome.7z rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-cli.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200467.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.WorkflowServices.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro_3.4.200.v20130326-1254.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-application.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUISet.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-It.otf rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\calendar.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\BG_ADOBE.GIF rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-container.exe.sig rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAMEEXT.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00783_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_Groove.gif rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_settings.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\ActiveTabImage.jpg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-modules-appui.xml rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libxa_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_pressed.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00419_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00726_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.SG.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_hail.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\SETUP.XML rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_selectionsubpicture.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\HORN.WAV rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Saipan rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_en-GB.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18235_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\RTF_BOLD.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-execution.xml rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jakarta rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-ui.jar rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-runtime-l1-1-0.dll rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\fr.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OriginMergeFax.Dotx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jabswitch.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GREETING.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART4.BDR rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms_3.6.100.v20140422-1825.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssvagent.exe rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\vimeo.luac rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0186360.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00466_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\dcpr.dll rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqlxmlx.rll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\33.png rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\tab_on.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143754.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Makassar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Khartoum rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGREPFRM.DPV rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RSSITEM.CFG rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Keywords.HxK rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10337_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Martinique rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_snow.png rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\install.log rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7wre_fr.dub rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODEXL.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-tools.jar rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ka.txt rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_ko.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR33F.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\41.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Monrovia rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsBlankPage.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099176.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLYER98.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14882_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\MEIPreload\preloaded_data.pb rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Person.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187883.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0234376.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sw.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01462_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0301252.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\native2ascii.exe rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaribsub_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Windhoek rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Minsk rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_03.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PICCAP98.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\builtincontrolsschema.xsd rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ComponentModel.DataAnnotations.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECRECL.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageMaskSmall.bmp rundll32.exe File opened for modification C:\Program Files\Java\jre7\COPYRIGHT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GFX.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099192.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216570.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10289_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.TTS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00006_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Grayscale.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_bezel.png rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.hyp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator_1.1.0.v20131217-1203.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00129_.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\BREEZE.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\1033\CAGCAT10.MML rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\slideShow.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00941_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN107.XML rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\JavaAccessBridge-64.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePageStyle.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01572_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\fontconfig.properties.src rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR25F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21527_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\MANIFEST.MF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01866_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\CAGCAT10.MMW rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\klist.exe rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libafile_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\localizedStrings.js rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\cpu.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\ACADEMIC.ONE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\MeetingIconMask.bmp rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\msdbg2.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSWORD.OLB rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.HLP rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\server\classes.jsa rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-options_ja.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\picturePuzzle.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18219_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\flyout.css rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\DirectDB.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSTORDB.EXE rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstack.exe rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateSetup.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14691_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21504_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\kn.pak rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\uk.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Aspect.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.KR.XML rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Halifax rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106020.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR47B.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_browse.html rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Oral rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ug\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\about.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\BG_ADOBE.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00932_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLV.PPT rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\EXPEDITN.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR1B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSStr32.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Austin.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105232.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00523_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10254_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sitka rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Back-48.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Galapagos rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Perspective.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151063.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\jsound.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_MATTE2_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Amman rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-core.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00775_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0089945.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado27.tlb rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCOUPON.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-windows.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00092_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN090.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0149627.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21318_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libamem_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\fil.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSPUB.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0233665.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02058U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00191_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\preface.htm rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\DELIMWIN.FAE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18233_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue.css rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Buenos_Aires rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01149_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01849_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03257_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DOTS.POC rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Shanghai rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_ja.jar rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ieproxy.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\IACOM2.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECURS.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18189_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_windy.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-remote.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\osclientcerts.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CLASSIC2.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCAL.DPV rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTVIEW.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN02122_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00343_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\GreenBubbles.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14529_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Elemental.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR46B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\PicturesToolIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Belgrade rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Clarity.xml rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_view.html rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\background.png rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\SmallLogoCanary.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessData.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OARTCONV.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CUP.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00828_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.SF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15272_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\org-openide-filesystems.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffd27a_256x240.png rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ps.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL096.XML rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Wordcnvpxy.cnv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0281904.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Maroon.css rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IETAG.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\StarterNotificationDescriptors.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\InfoPathMUI.XML rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\te.pak rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_over.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02039_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_ja.jar rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VC\msdia90.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\St_Johns rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\smtp.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115864.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libantiflicker_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_flyout.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Anchorage rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105410.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02435_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XMLSDK5.CHM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15135_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-heapwalker.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00482_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\MCABOUT.HTM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Melbourne rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\BLENDS.ELM rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\security\java.security rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libts_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\New_York rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWLAY32.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCINFO.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\MSCONV97.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\ECHO.INF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.properties rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsColorChart.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR51B.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-middle.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\cpu.js rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng.hyp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02228_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Apex.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0212701.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\FLASH.NET.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR23F.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_bridge_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\librtp_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Lord_Howe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7Models0011.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00269_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0144773.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\TYPE.WAV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-services.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBHD.XML rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\dt_socket.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECURL.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsatip_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_ja.jar rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\JP2KLib.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\MSB1ESEN.ITS rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\management.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115843.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME09.CSS rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp_3.6.300.v20140407-1855.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861261279.profile.gz rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\settings.ini rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0222021.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_hu.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Newsprint.dotx rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21390_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradfun_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdvdread_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0336075.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFINTL.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\ECHO.ELM rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\controllers.js rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_increaseindent.gif rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libscreen_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\FDFFile_8.ico rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18187_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18221_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382954.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Couture.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\AWARDHM.POC rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_am.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.CHM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana.css rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-time-l1-1-0.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONMAIN.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado26.tlb rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR32B.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxslt.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18248_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN03500_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02068_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195428.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\PINELUMB.HTM rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\vlc-48.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.css_1.7.0.v201011041433.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santa_Isabel rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\el\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia_Banderas rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Cairo rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\flyout.html rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_thunderstorm.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\PersonalContact.ico rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Welcome Tool\IconImages.jpg rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR30F.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\et.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7jp.kic rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0250997.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PS10TARG.POC rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.FLT rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Palau rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-templates.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00445_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02223U.BMP rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21302_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SCANPST.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00687_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIDEBARVERTBB.POC rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Activities.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Davis rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106572.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\classlist rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEWSS.DLL rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-imageMask.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Port_of_Spain rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\logo.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01154_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NextMenuButtonIcon.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sampler.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00174_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00462_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0196164.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGTOC.DPV rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.FNT rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sr.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_GreenTea.gif rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_sun.png rundll32.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceDaYi.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03041I.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285444.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN108.XML rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\speaker-32.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\MSB1ESEN.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\bg_sidebar.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\eo.txt rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\tt.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00045_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00246_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0217262.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Verve.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Colombo rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\CircleSubpicture.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\keypadbase.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00232_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Horizon.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.DEV_F_COL.HXK rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\add_reviewer.gif rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\msjet.xsl rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02218_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ef8c08_256x240.png rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.mshtml.dll rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\sl.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02161_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106222.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewTemplate.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152694.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00486_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libaudiobargraph_v_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Hardcover.eftx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-impl.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OFFRHD.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0299171.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipRes.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Windhoek rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Verve.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\JUDGESCH.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Ushuaia rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Currency Rates.iqy rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Midway rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santo_Domingo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLV.XLS rundll32.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00121_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0304861.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL022.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-utilities.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MAPIPH.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\RES98.POC rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\rtscom.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunmscapi.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-options.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-options-api.xml rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\uninstall\uninstall.log rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LINEACT.POC rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18209_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Microsoft.VisualStudio.Tools.Applications.Blueprints.tlb rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CNFNOT.ICO rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\19.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-utilities.jar rundll32.exe File opened for modification C:\Program Files\Windows Media Player\WMPMediaSharing.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\directshowtap.ax rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanLetter.Dotx rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\gstreamer-lite.dll rundll32.exe File opened for modification C:\Program Files\Internet Explorer\D3DCompiler_47.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART8.BDR rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.DEV_COL.HXC rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+9 rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_over.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099158.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107262.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.swf rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\policytool.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-awt_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195788.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02009_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGSIDEBRV.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL107.XML rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Zaporozhye rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099193.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341475.JPG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CST6CDT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_TexturedBlue.gif rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-utility-l1-1-0.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287415.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_disabled.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-ui.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR46B.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-9 rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmprph.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107480.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01300_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\JAWTAccessBridge-64.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Beulah rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.xml rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Module.zip rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\mk.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Trek.xml rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\authplay.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\42.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\rmiregistry.exe rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\3.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21300_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\icon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_05.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\TOC98.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL092.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287020.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-dialogs_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoViewer.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178932.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0300520.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BZCRD98.POC rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACERCLR.DLL rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MML2OMML.XSL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00601_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216153.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00011_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00965_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01839_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BRCH98SP.POC rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\he.pak rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticnotification.exsd rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\day-of-week-16.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Maputo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ENGLISH.LNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NEWSHM.POC rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\error_window.html rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14791_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Journal\MSPVWCTL.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02748U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALENDAR.DPV rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msolap100.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\librss_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Winamac rundll32.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextService.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187837.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382931.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBEMAIL.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALSO11.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FOLDPROJ.DPV rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Management.Instrumentation.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\8.png rundll32.exe File opened for modification C:\Program Files\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.Server.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107742.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0149118.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188511.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\SETUP.XML rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vevay rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195248.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01357_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\31.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKL.ICO rundll32.exe File opened for modification C:\Program Files\7-Zip\descript.ion rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODTXT.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME51.CSS rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\FlickAnimation.avi rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationTypes.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ARFR\MSB1ARFR.ITS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Pushpin.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0240719.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PROG98.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OriginLetter.Dotx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR26F.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_zh_CN.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmpnssci.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WWINTL.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FSTOCK.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_basestyle.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00382_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02094_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tehran rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00917_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security_1.2.0.v20130424-1801.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\VelvetRose.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107488.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239191.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Aero.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rarrow.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01066_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00737_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Stock Quotes.iqy rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)greenStateIcon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187859.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdasqlr.dll rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\sv.txt rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tipresx.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vincennes rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Jamaica rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nipigon rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Winnipeg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\menu_arrow.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099205.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241077.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\security\javafx.policy rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\NOTEL.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata_2.2.0.v20131211-1531.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\settings.js rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Cordoba rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-nodes.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216112.JPG rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-image-inset.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\SketchIconImages.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18200_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\license.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_foggy.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Los_Angeles rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Monrovia rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.WW\Office32WW.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107364.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198226.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PSRCHLTS.DAT rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pipres.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\AddToViewArrowMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14792_.GIF rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-localization-l1-2-0.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\icon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GROOVE_COL.HXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR43F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR36B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR9B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\List.accdt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106816.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE05930_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGMAIN.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipshrv.xml rundll32.exe File opened for modification C:\Program Files\Common Files\System\ado\msado27.tlb rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_pressed.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Luis rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-javahelp.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-core.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01044_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107718.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\msinfo32.exe rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jps.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\REFINED.INF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\org-openide-filesystems_zh_CN.jar rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt32.clx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00166_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_de.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Kerguelen rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Noronha rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SETLANG.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Microsoft.Office.Infopath.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.exe rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\daisies.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8PDT rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\jsdbgui.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0293832.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01240_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCHKBRD.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\SHOVEL.WAV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations_2.4.0.v20131119-0908.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\WordMUI.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSN.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00531_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_up.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_SlateBlue.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxmedia.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18250_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Stockholm rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow.css rundll32.exe File opened for modification C:\Program Files\MoveImport.vbe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACER3X.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\83.0.4103.106.manifest rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_TW.properties rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Monticello rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Seoul rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator_3.3.300.v20140518-1928.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-ui.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02400_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-middle.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\drag.png rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\tpcps.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\RADIAL.INF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Windows Photo Viewer\PhotoAcq.dll rundll32.exe File opened for modification C:\Program Files\Windows Journal\Templates\Dotted_Line.jtp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01167_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0384895.JPG rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssLogo.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper_1.0.400.v20130327-1442.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Manila rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Macquarie rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msador15.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\SETUP.XML rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerActionExceptionHandlers.exsd rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04235_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL026.XML rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\15x15dot.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\LoginTool24x24ImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285780.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199661.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-down.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\rt.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01639_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInTray.gif rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInTray.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core_0.10.100.v20140424-2042.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-options-api.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00546_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241043.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00389_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\pack200.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\VIEW.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh001.htm rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\EmptyDatabase.zip rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Honolulu rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Stanley rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\uninstall\helper.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02066_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkWatson.exe.mui rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_cloudy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187815.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_fr.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\ACTIVITY.CFG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Omsk rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\background.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATH_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SETLANG_COL.HXT rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcor.dll.mui rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\15x15dot.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Pyongyang rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\JFONT.DAT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02413_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WWINTL.REST.IDX_DLL rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\content-types.properties rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Troll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00397_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\OCEAN_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OnLineIdle.ico rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_fr.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR13F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR24F.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.es\Proof.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_zh_CN.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmlaunch.exe rundll32.exe File opened for modification C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME-JAVAFX.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287641.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSO.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\ACWZTOOL.ACCDE rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_received.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18192_.WMF rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\nssckbi.dll rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\tr.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185786.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382950.JPG rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_s.png rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ja.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME10.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\TaskbarIconImages256Colors.bmp rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblendbench_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kiritimati rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGLOGO.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\RM.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse_2.1.200.v20140512-1650.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Form_StatusImage.jpg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-nodes_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBOB6.CHM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkTSFrame.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME.txt rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFPrevHndlr.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\ij rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\InactiveTabImageMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\NUMERIC.JPG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\NEWS.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0136865.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.ES.XML rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\calendars.properties rundll32.exe File opened for modification C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME.txt rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_ja.jar rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18214_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_dot.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt_0.12.1.v20140903-1023.jar rundll32.exe File opened for modification C:\Program Files\Windows Journal\jnwdui.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01568_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ta.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\warning.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10298_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_left.png rundll32.exe File opened for modification C:\Program Files\Windows Journal\Templates\blank.jtp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00241_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00542_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FORMCTL.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21312_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked-loading.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUS\ProPlusWW.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_choosecolor.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GKWord.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01170_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297269.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH00601G.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate.css rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\librtpvideo_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\46.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341738.JPG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2iexp.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14769_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libbluescreen_plugin.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-spi-actions.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00439_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105294.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00268_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OCLTINT.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_GreenTea.gif rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadds.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIcon.png rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Routing.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\4.png rundll32.exe File opened for modification C:\Program Files\Windows Journal\jnwppr.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\STSLIST.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01657_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0183172.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5EDT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACTIP10.HLP rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ADO210.CHM rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libvobsub_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dushanbe rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqloledb.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\settings.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME43.CSS rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01186_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\STUBBY2.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB_F_COL.HXK rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EssentialLetter.dotx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jerusalem rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePageSlice.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FALL_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0229389.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\libxml2.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_RGB_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BlackTieNewsletter.dotx rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Tallinn rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\SETUP.XML rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-H rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\local_policy.jar rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02069J.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Opulent.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee100.tlb rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaurl.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_rest.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_ja.jar rundll32.exe File opened for modification C:\Program Files\RemoveResume.asp rundll32.exe File opened for modification C:\Program Files\Common Files\DESIGNER\MSADDNDR.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382955.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00452_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up_BIDI.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_foggy.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IPSEventLogMsg.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\HEADER.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EXCEL.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01138_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00564_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106124.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Qatar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00916_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadomd.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLR.SAM rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcrystalhd_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215076.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00934_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_settings.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help_3.6.0.v20130326-1254.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\resources.jar rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadox28.tlb rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-1 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\license.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART2.BDR rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net_1.2.200.v20140124-2013.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_zh_CN.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_hov.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipRes.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21533_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Dawson_Creek rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341328.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382969.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.HK.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-heapdump.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_ja.jar rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClient.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\PYCC.pf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21512_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libcaf_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+3 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04355_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_left.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_shmem.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Contacts.accdt rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\glow.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Ojinaga rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199303.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR49B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CNFNOT.CFG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\SOLVER\SOLVER.XLAM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-ui.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_65_ffffff_1x400.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105396.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0186346.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\jfr.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\1px.gif rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_content-background.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14753_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libimem_plugin.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\PHONE.XML rundll32.exe File opened for modification C:\Program Files\Internet Explorer\JSProfilerCore.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsptb.xml rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-border.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Subpicture1.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Moncton rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0103262.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287024.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+5 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\NOTEBOOK.HTM rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\7.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME36.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18181_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Media Player\wmpenc.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00148_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099197.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CERT98.POC rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\Servers\Management.cer rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santiago rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewAttachmentIcons.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\CAGCAT10.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CATWIZ11.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONINTL.DLL.IDX_DLL rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Regular.otf rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\TexturedBlue.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01176_.WMF rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_flat_10_000000_40x100.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_VideoInset.png rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libchain_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00788_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN01164_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\BHOINTL.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WSSFilesToolIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\npt.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\MMHMM.WAV rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Port-au-Prince rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\lij.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105320.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0251871.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21422_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\OutlookMUI.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02862_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKACCS.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libpva_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_orange.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21518_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-core-kit.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Median.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NEWS.DPV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\flavormap.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME49.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\HEADER.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SEQCHK10.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Executive.xml rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\en-US\Sidebar.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00367_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIDEBARVERTBB.DPV rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EET rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\osknumpadbase.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_zh_CN.jar rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\UserControl.zip rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14579_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libedgedetection_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdiracsys_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass_lrg.png rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\RTC.der rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\InkObj.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1655.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-services.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpconfig.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099196.GIF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground.wmv rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker_1.1.200.v20131119-0908.jar rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msadcor.dll.mui rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-io-ui.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePage.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00299_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Esl\AiodLite.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\msdaorar.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_flyout.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pt_BR.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Seoul rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OIMG.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\HandPrints.jpg rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\curtains.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaTypewriterBold.ttf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR31F.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsViewAttachmentIcons.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00157_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01743_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\AFTRNOON.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewTemplate.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01244_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.NZ.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\EXPEDITN.ELM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099165.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0291794.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_settings.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18184_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\22.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-javahelp.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Adjacency.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0158007.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\2d.x3d rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_pressed.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\header-background.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OLKIRMV.XML rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\jaas_nt.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\IA32.api rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\15x15dot.png rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\setup.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02845G.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\adcvbs.inc rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR48F.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\picturePuzzle.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\SplashImageMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\La_Rioja rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099186.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105412.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Issues.accdt rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqloledb.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14883_.GIF rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\an.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0150861.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02293_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLTASK.FAE rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.VisualC.STLCLR.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-api.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099151.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BROCHURE.DPV rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10335_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\jabswitch.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\MANIFEST.MF rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfigInternal.zip rundll32.exe File opened for modification C:\Program Files\7-Zip\7-zip32.dll rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\bn.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105272.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187825.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_h.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-plaf.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287643.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WindowsFormsIntegration.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\J0115876.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143758.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\ED00172_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00669_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00704_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\validation.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\UTILITY.ACCDA rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSQRY32.CHM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\wxpr.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\notification_plugin.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BS2BARB.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGMARQ.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL010.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libaribcam_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over_BIDI.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Chisinau rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSCOL11.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309567.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01243_.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\CASCADE.ELM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_center.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right_over.gif rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_play.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_spellcheck.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\South_Georgia rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232797.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0384885.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\ARROW.WAV rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\IRIS.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCDDSF.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvSOFT.x3d rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Sort\YEAR.XSL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Efate rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\toc.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\core_visualvm.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02794_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\CollectSignatures_Init.xsn rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_lt.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\travel.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04323_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00234_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099168.JPG rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\EDGE.INF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\create_form.gif rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\APA.XSL rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ieinstal.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00334_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0103402.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Apex.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0299763.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBOXES.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ApothecaryLetter.dotx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00372_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00320_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0301044.WMF rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\updater.ini rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SSGEN.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Indianapolis rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-heapwalker.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedbck2.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00397_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_settings.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libsubtitle_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00687_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromecast_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.jrockit.mc.rcp.product_root_5.5.0.165303 rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\xul.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00005_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBWZINT.REST.IDX_DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14655_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penjpn.dll rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Utilities.v3.5.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mexico_City rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\MarkupIconImages.jpg rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\EST5 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\background.gif rundll32.exe File opened for modification C:\Program Files\Internet Explorer\en-US\F12Tools.dll.mui rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_h.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.security_8.1.14.v20131031.jar rundll32.exe File opened for modification C:\Program Files\Windows Mail\wabimp.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-today.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Projects.accdt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Person.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR41F.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_right.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Choibalsan rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sendopts.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL083.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00512_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsnor.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console_1.0.300.v20131113-1212.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGACCBOX.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\tzmappings rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_m.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Beulah rundll32.exe File opened for modification C:\Program Files (x86)\Windows Defender\en-US\MpAsDesc.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.Selectors.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_h.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Hermosillo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\PublicFunctions.js rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\1033\OFFICE10.MML rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Enderbury rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Chagos rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-7 rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232395.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02444_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Bold.otf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME46.CSS rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\WARN.WAV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_AutoMask.bmp rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\corner.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\wsdetect.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387578.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.DEV.HXS rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\PDXFile_8.ico rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL097.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ViewHeaderPreview.jpg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-options.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\rt.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0205582.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACCESS12.ACC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Pitchbook.potx rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_s.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105496.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.DEV_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\th.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR11F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME50.CSS rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_settings.png rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\CodeFile.zip rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107712.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGLOGO.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPUNCT.DPV rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\WATERMAR.ELM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DISTLSTL.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKACC.CFG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtospdif_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOSTYLE.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01561_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SWEST_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BS4BOXES.POC rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Tripoli rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107502.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18197_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\about.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\AddToViewArrowMask.bmp rundll32.exe File opened for modification C:\Program Files (x86)\Windows Mail\wab.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDCAT.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\logo.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Juan rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\LAYERS.INF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-dock.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCVDT.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00808_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLPERF.INI rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0177257.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00126_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB1B.BDR rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookbig.gif rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmlaunch.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0149407.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\HAMMER.WAV rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ea-sym.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SIGNL.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\MANIFEST.MF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOUTL.OLB rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\GRDEN_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.DEV.HXS rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\rmid.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Installed_resources14.xss rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105360.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Xml.Linq.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-modules.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107490.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR29F.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Riga rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\SONORA.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WebToolImagesMask16x16.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15156_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zx______.pfm rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Apothecary.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7FR.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\OliveGreen.css rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IEAWSDC.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02116_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLYER.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7EN.LEX rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\setup.ini rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Sts.css rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Baghdad rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileOff.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Services\verisign.bmp rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ky.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0229385.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WSIDBR98.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0251007.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBPQT.DPV rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_s.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14870_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FORM.JS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107152.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187895.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\ROGERS.COM.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACCOLKI.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382947.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGNAVBAR.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right_disable.gif rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Interface.zip rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\visualvm.clusters rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0150150.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FEZIP.POC rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipssrb.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_left.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720x480icongraphic.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Goose_Bay rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\StaticText.jpg rundll32.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK_F_COL.HXK rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\ADMPlugin.apl rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.aup rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Black Tie.eftx rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdatl3.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jsse.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Northwind.accdt rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21310_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00057_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fa.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.http_8.1.14.v20131031.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\slideShow.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153302.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\klist.exe rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libparam_eq_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105974.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1046\hxdsui.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART12.BDR rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10264_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\vintage.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\StopIconMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14533_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090027.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0332364.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRAPH.HXS rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsrus.xml rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libtta_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_file_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Full.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\STSCOPY.DLL rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\msvcr100.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\gadget.xml rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libprefetch_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.RSA rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Custom.propdesc rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\installer.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-disable.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\background.gif rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+4 rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\sq.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7Lexicons0011.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GREETING.XML rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.jobs_3.6.0.v20140424-0053.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Pontianak rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.SF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\RTF_BOLD.GIF rundll32.exe File opened for modification C:\Program Files\ConvertFromAdd.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7EN.dub rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Author2XML.XSL rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Almaty rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01241_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMAN.TXT rundll32.exe File opened for modification C:\Program Files (x86)\Windows Mail\msoe.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14985_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_shout_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\artifacts.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00444_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CMNTY_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0335112.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_down.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0337280.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341447.JPG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages.properties rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-windows.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\arrow.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ZoomIcons.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EquityMergeFax.Dotx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1XTOR.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\JavaAccessBridge-64.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_preferencestyle.css rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\vlm.html rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_disabled.png rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOHEV.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7Data0011.DLL rundll32.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceArray.txt rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdasql.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Malta rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME27.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WebToolImages16x16.jpg rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new.png rundll32.exe File opened for modification C:\Program Files\Windows Defender\MSASCui.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIDBAR98.POC rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\tnameserv.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\MOFL.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\license.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_underline.gif rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_srt_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\timeZones.js rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\nss3.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OIS.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00038_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\vdk150.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Louisville rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106958.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penchs.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annots.api rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\Microsoft.Ink.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\jquery.jstree.js rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Solstice.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02790_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00132_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBORDER.DPV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+3 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Maputo rundll32.exe File opened for modification C:\Program Files\DVD Maker\rtstreamsource.ax rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\APPT.CFG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\MANUAL.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18226_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\TOOT.WAV rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSans.ttf rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\10.png rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\WidevineCdm\manifest.json rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-4.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_rainy.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Perspective.dotx rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_gloss-wave_35_f6a828_500x100.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107026.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01682_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipschs.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipBand.dll.mui rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Empty.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\cursors.properties rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cancun rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-impl.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0384900.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCAL.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\cpu.html rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Colombo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Nicosia rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00834_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\gadget.xml rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_Loading.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_hov.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectToolsetIconImages.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107344.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\FAXEXT.ECF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Shared16x16ImagesMask.bmp rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\slideShow.css rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\SmallLogoBeta.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153265.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONENOTE.HXS rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720_480shadow.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_s.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AUDIOSEARCHLTS.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Costa_Rica rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\release rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00161_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SUMER_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\J0115856.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03380I.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SCHOL_02.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME37.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL027.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_sun.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\macroprogress.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\AddToViewArrow.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOUC.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099187.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02055_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kosrae rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\iedvtool.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\CHIMES.WAV rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstat.exe rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_zh-CN.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_mpjpeg_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107188.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0157177.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1STAR.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\back_lrg.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\leftnav.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SOA.DLL rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2launcher.exe rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ja.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Reykjavik rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\PersonalMonthlyBudget.xltx rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\AdobePiStd.otf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143744.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tet\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\POSTCARD.DPV rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_matte2.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_italic.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XLCALL32.DLL rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\blocklist.xml rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libequalizer_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down_BIDI.png rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1033\hxdsui.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Tags.accft rundll32.exe File opened for modification C:\Program Files\7-Zip\7-zip.chm rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00092_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\JUNGLE.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\jpeg.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ckb\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\fr.pak rundll32.exe File opened for modification C:\Program Files\Windows Media Player\setup_wm.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239997.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293844.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\plugin.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\CIEXYZ.pf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107158.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107750.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\oledb32r.dll.mui rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\librawdv_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0324694.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\Welcome.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-snaptracer.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Elemental.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0234131.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-io.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Helsinki rundll32.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\ImagingEngine.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BABY_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CLIP.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FLAP.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-windows.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\MANIFEST.MF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.IT.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXPTOOWS.XLA rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\LoginTool24x24Images.jpg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Recife rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)grayStateIcon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00242_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBOXES.DPV rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\sawindbg.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_HighMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0318810.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\POST98SP.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BlackTieMergeLetter.dotx rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232803.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_Casual.gif rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_wav_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Iqaluit rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CNFRES.CFG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierBackgroundRTL.jpg rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png rundll32.exe File opened for modification C:\Program Files\ShowUnregister.xsl rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DissolveNoise.png rundll32.exe File opened for modification C:\Program Files\Windows Journal\en-US\NBMapTIP.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Foundry.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Syowa rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nipigon rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\it.txt rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\javaws.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrenclm.dat rundll32.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\BUTTON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0304875.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\charsets.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_rest.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14514_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105276.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR16F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DataViewIconImages.jpg rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Menominee rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01585_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\OneNoteMUI.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EST5EDT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21304_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-threaddump.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00118_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0164153.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.PH.XML rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_en.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_http_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\about.html rundll32.exe File opened for modification C:\Program Files\OptimizeRemove.jtx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0158477.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\background.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\mr.pak rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\crashreporter.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00154_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jawt.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14831_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmap.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00443_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Marquesas rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Mexico_City rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107516.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets_1.0.0.v20140514-1823.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\AST4 rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\lt.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04385_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\pdm.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341554.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACCVDTUI.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\redStateIcon.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\id.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00037_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02740U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01840_.GIF rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Runtime.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jvmstat.xml rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.Tools.Applications.Project.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\1047x576black.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_rest.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\he.txt rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15059_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\MANIFEST.MF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Chita rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.Runtime.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18191_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.filesystem_1.4.100.v20140514-1614.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\liblogo_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libkaraoke_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-execution.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\eclipse.inf rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_extended.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00345_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mshwgst.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libadf_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\CircleIcons.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Casual.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-snaptracer.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Couture.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107308.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_settings.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Name.accft rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086384.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_CopyNoDrop32x32.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6 rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\pdf.gif rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.Contract.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\weather.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE rundll32.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\PhotoViewer.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00603_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNOteFilter.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST7MDT rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dhaka rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145707.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STORYBB.POC rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.config rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_it.properties rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveReport.dotx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1CACH.LEX rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Address.accft rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\maintenanceservice.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ogalegit.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\eclipse_update_120.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107148.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152602.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcfr.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\deploy.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.policy rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_CN.properties rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Pangnirtung rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0321179.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382930.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02448_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGSIDEBR.XML rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives_1.1.100.v20140523-0116.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR37F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099174.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152606.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\Microsoft.Office.Infopath.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mru_on_win7.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\SNET.NET.XML rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-static.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_italic.gif rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Ceuta rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\WMPMediaSharing.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPTIRM.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00103_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0300862.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msmgdsrv.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\dt.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR3F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLADDR.FAE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15056_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceDaYi.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0297551.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AccessWeb\RPT2HTM4.XSL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Issue Tracking.gta rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\youtube.luac rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18199_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\common.js rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\updater.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02285_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadds.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_h.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\TexturedBlue.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiling.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107358.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR22F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DOCS.ICO rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\20200616092334.pma rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RECL.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPEDITOR.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00965_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REMOTEL.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_avi_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zh_CN\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.filetransfer_5.0.0.v20140827-1444.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\WPFT532.CNV rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pmd.cer rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\rockbox_fm_presets.luac rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\java.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Mask1.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01474_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15185_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18232_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00441_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01163_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03339_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+10 rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_right.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\picturePuzzle.css rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\sidebar.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0289430.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\QuizShow.potx rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ccme_base.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdirectory_demux_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util-enumerations.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\apt.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\IpsMigrationPlugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_down.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\verify.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaws.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME16.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\COMPUTER.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-uihandler.xml rundll32.exe File opened for modification C:\Program Files\Common Files\System\wab32res.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00479_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNote-PipelineConfig.xml rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado21.tlb rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Discussion.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.codec_1.6.0.v201305230611.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\attention.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0102762.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0222017.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_concat_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Norfolk rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLFLTR.DAT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107456.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\Notebook03.onepkg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01421_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MST7MDT rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\CHEVRON.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21326_.GIF rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FrameworkList.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\Components\SignedComponents.cer rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00543_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0386764.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR34F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPAPERS.INI rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\InformationIconMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOHEV.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01139_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02404_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\14.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10267_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core_visualvm.jar rundll32.exe File opened for modification C:\Program Files\Windows Journal\en-US\MSPVWCTL.DLL.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00222_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0196400.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBBTN.DPV rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EURO\MSOEURO.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\SATIN.ELM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\BUTTON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPreviewTemplateRTL.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00442_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONELEV.EXE rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libhttp_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Bermuda rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(inch).wmf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14581_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\BUTTON.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00021_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\sound.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Category.accft rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Davis rundll32.exe File opened for modification C:\Program Files\Windows Media Player\wmplayer.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02262_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jvm.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00098_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105266.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.common_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03205I.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Updater.api rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\2 Top.accdt rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher_1.1.0.v20131211-1531.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNoteNames.gpd rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\STINTL.DLL.IDX_DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14871_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.RSD rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Almaty rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200279.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunec.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbynet.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR7F.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\drag.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\drag.png rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\VSTARemotingServer.dll rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\el.txt rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_left.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsBrowserUpgrade.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-awt.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0148757.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_few-showers.png rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_rest.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\libvlc.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19986_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\CET rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_de.properties rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\WindowsAccessBridge-64.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Thunder_Bay rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Brisbane rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.SemiTrust.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0233018.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEDAO.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mshwgst.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\CalendarToolIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nassau rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\STRTEDGE.INF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR3B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105244.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0183290.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART3.BDR rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD_F_COL.HXK rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18208_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_High.jpg rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_18_b81900_40x40.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSCOL11.PPD rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.WIH rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jmx.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Macau rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ku-ckb.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02361_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Concourse.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay.css rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONLNTCOMLIB.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoAcq.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00169_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE05870_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\attention.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSEvents.man rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msolui100.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR35B.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+1 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR20F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jerusalem rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Lisbon rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Beirut rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309705.JPG rundll32.exe File opened for modification C:\Program Files\Common Files\System\ado\msado21.tlb rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR51B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00126_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185774.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.common_2.10.1.v20140901-1043.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tehran rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\St_Johns rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\UKRAINE.TXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00902_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Median.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\eula.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\flyout_background.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\ECLIPSE_.SF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_docked.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-over-select.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\splashscreen.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Simferopol rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-next-static.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\tnameserv.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Fancy.dotx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST5EDT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01146_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105390.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309664.JPG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\java-rmi.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sampler.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\bdcmetadataresource.xsd rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\drag.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_flyout.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\blank.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPHandle.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Beirut rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GRAPH.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215710.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02039U.BMP rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_dot.png rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SplashScreen.zip rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\otkloadr_x64.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDCNCLL.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libmarq_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-6 rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_left.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SIGN.CFG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierCloseButton.jpg rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnsv_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\en-US\sbdrop.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00333_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\COUPON.POC rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\WTSP61MS.DLL rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\main.css rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pohnpei rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-settings.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239057.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Peacock.jpg rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR9F.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpsychedelic_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\DumontDUrville rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01181_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00919_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\EMAIL11.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL090.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VeriSign_Class_3_Public_Primary_CA.cer rundll32.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0234266.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0251925.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15273_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\javafx-mx.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Accra rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipssve.xml rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledb32r.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Gambier rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOInstallerUI.dll rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\pt.txt rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107130.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01330_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\settings.js rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-10 rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\cs.txt rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\settings.html rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_down.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Horizon.thmx rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_rest.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.event_1.3.100.v20140115-1647.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Lagos rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Antigua rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00175_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02024_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\info.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Document Parts\1033\14\Built-In Building Blocks.dotx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7fr.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2iexp.dll rundll32.exe File opened for modification C:\Program Files\Common Files\System\ado\msadox28.tlb rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libtdummy_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\LightSpirit.css rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js rundll32.exe File opened for modification C:\Program Files\Internet Explorer\perfcore.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01329_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DataListIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21377_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Galapagos rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Form.zip rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195254.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01158_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR17F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Vancouver rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\ManagedObjects\SignedManagedObjects.cer rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01637_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENV98SP.POC rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Hx.HxT rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\freebl3.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15136_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewAttachmentIcons.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18228_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk_1.0.300.v20140407-1803.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-keymap.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CDLMSO.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01358_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL020.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\contbig.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST rundll32.exe File opened for modification C:\Program Files\Internet Explorer\ielowutil.exe rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\MCESidebarCtrl.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE05869_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDRESP.CFG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist_jstree.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Off.jpg rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\mozavutil.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101857.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Origin.eftx rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_travel_Thumbnail.bmp rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmod_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\en-US\wab32res.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10290_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14790_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\ACWZLIB.ACCDE rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_right.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePage.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00296_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099169.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182902.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado15.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\DefaultID.pdf rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-applemenu.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SOCIALCONNECTOR.DLL rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\photograph.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunec.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\settings.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105368.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\DESKSAM.SAM rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsen.xml rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_windy.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-services.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00130_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\QUIKPUBS.POC rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_settings.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\9.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo.bat rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.properties rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\diagnostic-command-16.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00688_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNote.ini rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr.jar rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\OrangeCircles.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LETTHEAD.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.HK.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\STINTL.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR7B.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.password.template rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\epl-v10.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\validation.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04384_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\ColleagueImport.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-desk.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR43B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIDEBARBB.DPV rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome.VisualElementsManifest.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Kiev rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewAttachmentIconsMask.bmp rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\SLATE.INF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-shadow.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_duplicate_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PPSLAX.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107450.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNoteUI.dll rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\handler.reg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.servlet_8.1.14.v20131031.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kolkata rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\zip.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libmosaic_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\keystore\libmemory_keystore_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jcmd.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\3082\MSGR3ES.DLL rundll32.exe File opened for modification C:\Program Files\Internet Explorer\en-US\F12.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107182.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01563_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PROGRAM.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Wordcnv.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PSSKETLG.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14515_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_zh_CN.jar rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\AddIns.store rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21482_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-outline.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15302_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_av1_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00932_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341534.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR45B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR50F.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-desk.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\my\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Thatch.xml rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US\msinfo32.exe.mui rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Memories_buttonClear.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18244_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tbilisi rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1258.TXT rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01253_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\validation.js rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guyana rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-text.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceYi.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\STOPICON.JPG rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\slideShow.html rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Other-48.png rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\submission_history.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DOC.CFG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\IPML.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00160_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR27F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18245_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot_lrg.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ja-jp-sym.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactLow.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01658_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PSWAVY.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0185604.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\DataServices\+Connect to New Data Source.odc rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0149018.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281640.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libscte27_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-options_zh_CN.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_m.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Royale.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-common.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0211949.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdarem.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21535_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\6.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Campo_Grande rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_mid_over.gif rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can32.clx rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\mpvis.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hu.dll rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\flyoutBack.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert.css rundll32.exe File opened for modification C:\Program Files\Windows Mail\wabmig.exe rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\35.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\IPMS.ICO rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\EScript.api rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_dot.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02134_.GIF rundll32.exe File opened for modification C:\Program Files\Internet Explorer\DiagnosticsTap.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Concourse.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveResume.dotx rundll32.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\en-US\TableTextService.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AboutBox.zip rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187819.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\sound.properties rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME34.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00544_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14983_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views_3.7.0.v20140408-0703.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DATETIME.JPG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_partstyle.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01162_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105288.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUB6INTL.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\AcroRead.msi rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\WHITEBOX.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_hyperlink.gif rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\logo.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01184_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\MSOSEC.XML rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\24.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Danmarkshavn rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-attach.xml rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AppConfigurationInternal.zip rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN075.XML rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX8.x3d rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmotionblur_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_es.properties rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Creston rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Perth rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01628_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\scenesscroll.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\MainMenuButtonIcon.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR4B.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FrameworkList.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00014_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PPINTL.DLL.IDX_DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\JOURNAL.INF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.runtime_0.10.0.v201209301036.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.SF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01173_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153047.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02756U.BMP rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2launcher.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01064_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\32.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG.wmv rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf_1.1.0.v20140408-1354.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_down.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_down.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DOCL.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ext.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WORDIRMV.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroBroker.exe rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\JAWTAccessBridge-64.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_scene.wmv rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-ui.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Dawson rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MAPIR.DLL.IDX_DLL rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_right.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\EST5EDT rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Nicosia rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ms.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400003.PNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_07.MID rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_performance_Thumbnail.bmp rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\XDPFile_8.ico rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\epl-v10.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_left.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_zh_CN.jar rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\adodb.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107708.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02091_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\PACBELL.NET.XML rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\librotate_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0186348.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\AdjacencyLetter.dotx rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateCore.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OSetupPS.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15184_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_mms_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00076_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00563_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00914_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_buttongraphic.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property_1.4.200.v20140214-0004.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.metadata.repository.prefs rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0314068.JPG rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\settings.css rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\en-US.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\SplashImage.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\PhotoBase.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.AU.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR34B.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kabul rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-nodes.xml rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\wab32res.dll rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\si.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VISSHE.DLL rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\userContent_16x9_imagemask.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_snow.png rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.CMP rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\MANIFEST.MF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.SF rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\pingsender.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CRANE.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7EN.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ContactPickerIntl.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-multiview.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\CASCADE.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR14F.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_display_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_foggy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL011.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.CGM rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_es.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Setup.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-util.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_ja.properties rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santarem rundll32.exe File opened for modification C:\Program Files\ApproveProtect.mht rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\logo.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD09664_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_mosaic_bridge_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NAMECONTROLPROXY.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00779_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\MessageAttachmentIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ts_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-vertical.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCallbacks.h rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Reunion rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\logo.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178632.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0230876.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_select-highlight.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL058.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\README.TXT rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Chisinau rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Canary rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-13 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Basic\DEFAULT.XSL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185780.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PPINTL.DLL rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_es_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_bkg.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\drag.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libgnutls_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\flyout.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\SAVE.GIF rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-filesystem-l1-1-0.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MENU.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PPINTL.REST.IDX_DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXP_XPS.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21333_.GIF rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-appui.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\README.txt rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdarem.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSACC.OLB rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\IPEDINTL.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBE7INTL.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-output2.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-modules-profiler_visualvm.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Metro.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\flavormap.properties rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSORES.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Shared24x24Images.jpg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-fallback.jar rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\oisctrl.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153398.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Angles.xml rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\setup_wm.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART6.BDR rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-correct.avi rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\TextFile.zip rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10299_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\sandbox.luac rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\INLAUNCH.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400002.PNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00170_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLJRNL.FAE rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Adak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00046_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK_COL.HXC rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\25.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL087.XML rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_a52_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-filesystems.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10307_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_sml.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_blu.css rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_left.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\0.png rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l1-2-0.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00705_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\IPDSINTL.DLL rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-overlay.png rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msmdsrv.rll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zurich rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange.css rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\vcruntime140.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0282126.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_docked.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\PLANNERS.ONE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18225_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_OliveGreen.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00915_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.DEV_K_COL.HXK rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PPKLite.api rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-background.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\FLTLDR.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\SessionMember.ico rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18211_.WMF rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-uihandler.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTFORM.DAT rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\3082\hxdsui.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\blank.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\alertIcon.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Christmas rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Norfolk rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Earthy.css rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_cs.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\J0115875.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_cloudy.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerEvaluators.exsd rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21376_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libgestures_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\jfluid-server.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099190.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02028K.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaora.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14755_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6CDT rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\La_Paz rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00319_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WPULQT98.POC rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\unpack200.exe rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Marengo rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\gui\libskins2_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01035U.BMP rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\notification_helper.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\REFINED.ELM rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG_PAL.wmv rundll32.exe File opened for modification C:\Program Files\DVD Maker\offset.ax rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WING1.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf_3.4.0.v20140827-1444.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_alignright.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_FormsHomePage.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\license.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\charsets.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Thatch.dotx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD08868_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188679.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\SalesReport.xltx rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Framework.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-3 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Amsterdam rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0103058.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SOCIALCONNECTORRES.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKUPD.CFG rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\main_background.png rundll32.exe File opened for modification C:\Program Files\Internet Explorer\perf_nt.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPTICO.EXE rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_hov.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Vladivostok rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SPRNG_01.MID rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\glib-lite.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14539_.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\AFTRNOON.ELM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR11F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_LightSpirit.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382948.JPG rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdaosp.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_left.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\RSPMECH.POC rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jvmticmlr.h rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\ssv.dll rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Engine.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base.xml rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPWEC.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core-windows_visualvm.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00395_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielLetter.Dotx rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\PDFFile_8.ico rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\StarterApplicationDescriptors.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_hov.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_alignleft.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\DLGSETP.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285792.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL081.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\RADIAL.ELM rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\co.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152702.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\updater_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0222015.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_hov.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.PL.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipscat.xml rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\VSTAClientPkg.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576black.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKREQ.CFG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IMPMAIL.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00538_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00494_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEES.DLL rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\batch_window.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_alignleft.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178523.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15058_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boa_Vista rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GROOVE.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE05665_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.WPG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tl\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Matamoros rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PSRCHSRN.DAT rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\jsoundds.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME31.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\ActiveTabImageMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00165_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FS3BOX.POC rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\ECLIPSE.ELM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsFormTemplate.html rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Tirane rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sao_Paulo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-ui.xml rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\jsdbgui.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099178.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382962.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLMAIL.FAE rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.xml rundll32.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\updater.ini rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWRECE.DLL rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Scene_PAL.wmv rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Events.accdt rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnoseek_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\librawaud_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\RSSFeeds.css rundll32.exe File opened for modification C:\Program Files\DVD Maker\PipeTran.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0158071.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0295069.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.htm rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\ARCTIC.ELM rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Settings.zip rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\oracle.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Equity.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02048_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\VBE6EXT.OLB rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\WET rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OWSSUPP.DLL rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\dummy.luac rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsVersion1Warning.htm rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_alignright.gif rundll32.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSPUB.TLB rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIBUtils.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mip.exe.mui rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_notes-txt-background.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.configuration_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7cm_es.dub rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00346_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00942_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0212219.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-execution_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10302_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+8 rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\lv.pak rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Wallis rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmplayer.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.SqlServerCe.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105338.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Trek.eftx rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\cpu.css rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\be.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0296288.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmid.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21480_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00231_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00097_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01842_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0299611.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\highDpiImageSwap.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SPACER.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\MANIFEST.MF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD_K_COL.HXK rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psuser.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Bibliography\BIBFORM.XML rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.DirectoryServices.AccountManagement.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00058_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_up.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kuching rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02253_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Tanspecks.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-text.xml rundll32.exe File opened for modification C:\Program Files\DVD Maker\SecretST.TTF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.HXS rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\ChessIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.ibm.icu_52.1.0.v201404241930.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Funafuti rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.fr\Proof.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONENOTE_COL.HXC rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\hprof.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tl.gif rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Spelling.api rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodicon.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107482.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Client.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\CircleIconsMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WORDICON.EXE rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\ConnectionManager.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00086_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\LICENSE rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Abstractions.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libyuv_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ContemporaryPhotoAlbum.potx rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_btn-back-static.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\console_view.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ulaanbaatar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0186002.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME06.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18196_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.continuation_8.1.14.v20131031.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Monaco rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+11 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Mawson rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0175428.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledb32r.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\26.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\handler.reg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Charitable Contributions.accdt rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpostproc_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\core.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SlateBlue.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0090070.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\INVITE.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL054.XML rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgaussianblur_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\activity16v.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePage.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs-nio2.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierWindowMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kwajalein rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\title.htm rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\AdjacencyResume.dotx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsdan.xml rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\QuestionIconMask.bmp rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmplayer.exe rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\alt-rt.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Shades of Blue.htm rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESNL.ICO rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_disabled.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIconSubpi.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs.xml rundll32.exe File opened for modification C:\Program Files\ConvertToSync.m3u rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll.sig rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01130_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN097.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10253_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcanvas_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\about.html rundll32.exe File opened for modification C:\Program Files\Windows Media Player\WMPDMCCore.dll rundll32.exe File opened for modification C:\Program Files\Internet Explorer\en-US\networkinspection.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_disabled.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02312_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\El_Aaiun rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_settings.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Broken_Hill rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7es.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0313965.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.TW.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\LoginDialogBackground.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\macroprogress.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187893.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Essential.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tarawa rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_LightSpirit.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OriginMergeLetter.Dotx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\WISC30.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15018_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Folder-48.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00013_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE01191_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0292152.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PS2SWOOS.POC rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository_2.3.0.v20131211-1531.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\SONORA.ELM rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_over.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt_1.1.1.v20140903-0821.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_winxp.css rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\libvlccore.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0238959.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NEWS11.POC rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmad_plugin.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Eurosti.TTF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Paper.eftx rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\grvschema.xsd rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Wake rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Apex.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281638.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-2.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14538_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\currency.css rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ASCIIENG.LNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\EMAIL.DPV rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libball_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Melbourne rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Auto.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01545_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04174_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD07761_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InkWatson.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\THOCRAPI.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099155.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielResume.Dotx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONLNTCOMLIB.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XML2WORD.XSL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\GRID_01.MID rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-multiview.xml rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\qipcap64.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\OmdBase.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\JUNGLE.HTM rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EST rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\gui\libqt_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_hover.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\34.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AccessWeb\SERVWRAP.ASP rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR31B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR2F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN086.XML rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libty_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1251.TXT rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.console_1.1.0.v20140131-1639.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\numbase.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)notConnectedStateIcon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPrintTemplate.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382942.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\search_background.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESPL.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\THANKS.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02439_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\awt.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsjpn.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_120.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\Servers\RELAY.CER rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground.wmv rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CET rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Auckland rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Urumqi rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SENDTO.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\SoftBlue.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_kn.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_VelvetRose.gif rundll32.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME07.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14793_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\gadget.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yekaterinburg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_MediumMAsk.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00633_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitevignette1047.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18202_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02897J.JPG rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\1047x576black.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\CollectSignatures_Sign.xsn rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jli.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\203x8subpicture.png rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\ReadMe.htm rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DissolveAnother.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Technic.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PG_INDEX.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Irkutsk rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-heapdump.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Salta rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\d3dcompiler_47.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_windy.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00146_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0234000.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02746G.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0195812.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\settings.html rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\activity16v.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\help.gif rundll32.exe File opened for modification C:\Program Files\Windows Photo Viewer\ImagingDevices.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.RuntimeUi.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipssrl.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\LINES.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143752.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\LISTBOX.JPG rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\Analysis\FUNCRES.XLAM rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Scoresbysund rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00956_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099164.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\VOLTAGE.WAV rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe rundll32.exe File opened for modification C:\Program Files\Internet Explorer\en-US\iedvtool.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00685_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\Install\{5DF2DCA9-BD54-4513-9B32-2C551D72B961}\83.0.4103.106_chrome_installer.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_pressed.gif rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiItalic.ttf rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\derby_common.bat rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Majuro rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Uzhgorod rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107290.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00170_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\DRUMROLL.WAV rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pidgenx.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\203x8subpicture.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Minsk rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSRTEDIT.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293238.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FPLACE.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\ACCOLK.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\snmp.acl.template rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ViewHeaderPreview.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\excelcnv.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285484.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thunder_Bay rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105846.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Warsaw rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\is.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONGuide.onepkg rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\COMPASS.ELM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBAD.XML rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\fxplugins.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_asf_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_rainy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0304933.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN065.XML rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Palmer rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\Accessible.tlb rundll32.exe File opened for modification C:\Program Files\Windows Media Player\en-US\mpvis.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00487_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285750.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Country.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341654.JPG rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\37.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sa.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.change_2.10.0.v20140901-1043.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Majuro rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02371_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00478_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_scrapbook_Thumbnail.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\WSS_DocLib.ico rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_WMC_LogoText.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ApothecaryNewsletter.dotx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveMergeLetter.dotx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\appletviewer.exe rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ro.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR25F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\GostName.XSL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ja-jp.xml rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_70.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281243.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STRBRST.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB3A.BDR rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101980.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-actions.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-cli.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01238_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18230_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OISAPP.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SMSS.ICO rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_babypink_Thumbnail.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\ACTIVITL.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cs\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Malta rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OMML2MML.XSL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00135_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01491_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB4.BDR rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\STOCKS.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-phonetic.xml rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-horizontal.png rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-process-l1-1-0.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200521.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\3RDPARTY rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\README-JDK.html rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\cli.luac rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Panama rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-api.xml rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\libEGL.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLNOTE.FAE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\SEAMARBL.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR50B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileHigh.jpg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\epl-v10.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Mendoza rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01905_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdasql.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECURE.CFG rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_floating.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Azores rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerActions.exsd rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-multitabs.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0386267.JPG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\jfxrt.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_left.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libvoc_plugin.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21339_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Journal\en-US\PDIALOG.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01299_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Orange Circles.htm rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\grayStateIcon.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libh26x_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\flight_recorder.png rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\libGLESv2.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0292278.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_zh-TW.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\JdbcOdbc.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\SmartTagInstall.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEOLEDB.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21520_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSSync.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105398.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198447.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0305257.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_cloudy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME23.CSS rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-impl.jar rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\LoginForm.zip rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Fortaleza rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.DEV_COL.HXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PSRCHLEX.DAT rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_left.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15172_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-tools.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_120.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\INVITE11.POC rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Thawte Root Certificate.cer rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\mc.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\DataServices\+NewSQLServerConnection.odc rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTaskIconMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB7.BDR rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Xlate_Init.xsn rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_right.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\jawt_md.h rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Palau rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Anchorage rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00176_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02957_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESNS.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_equalizer.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-compat.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR16F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR44B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21398_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\AST4ADT rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_zh_CN.jar rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1254.TXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Thatch.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\server\jvm.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\ehshellLogo.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\SETUP.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands_0.10.2.v20140424-2344.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Gaza rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chihuahua rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FORM.JS rundll32.exe File opened for modification C:\Program Files\Windows Defender\en-US\MpEvMsg.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00114_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1049\hxdsui.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Groove Starter Template.xsn rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\40.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0172035.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02405_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdaprst.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx264_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR44F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.DEV_COL.HXC rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Hobart rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Bangkok rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153508.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195260.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE05710_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jconsole.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\INDUST.INF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\9.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpcore_4.2.5.v201311072007.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.util_1.0.500.v20130404-1337.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\vlc.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105520.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285410.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\System\ado\msado25.tlb rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_ja.jar rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can03.ths rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tripoli rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_spellcheck.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSAIN.DLL rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\18.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench_1.2.1.v20140901-1244.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\LINEAR_RGB.pf rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_docked.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUS\SETUP.XML rundll32.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlcecompact35.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090087.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01247U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\CERTINTL.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\tr.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN026.XML rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\settings.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\BG_ADOBE.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\VBAJET32.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\default_thumb.jpg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\MANIFEST.MF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgePackages.h rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-print.jar rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l2-1-0.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.HXS rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\NOTICE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR24F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02389_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Grid.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR42F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jpeg.dll rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Framework.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\init.js rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\SignHere.pdf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00726_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FORM98.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Earthy.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.metadataprovider.exsd rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00494_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Elemental.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\keytool.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Teal.css rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_pressed.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-over-select.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0197979.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199469.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL01040_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02233_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\t2k.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\high-contrast.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR51F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-core.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\CALENDAR.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00423_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01295_.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\xlsrvintl.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider.png rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\pdmproxy100.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00186_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation_1.2.100.v20131119-0908.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\RESUME.XML rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-back-static.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libwinhibit_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\LogoBeta.png rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-timezone-l1-1-0.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\skin.dtd rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107134.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0214948.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR19F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Country.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382963.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382965.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\elevation_service.exe rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\mainimage-mask.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\settings.ini rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENV11.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLSLICER.DLL.vhd rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\javafx-iio.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0222019.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL103.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\ODBCR.SAM rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemuxdump_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\subscription.xsd rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\hrtfs\dodeca_and_7channel_3DSL_HRTF.sofa rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD09194_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153518.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_altgr.xml rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.SYD rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Casual.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_ja.jar rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_rightarrow.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_LightSpirit.gif rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Perth rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02263_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02288_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Flow.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielMergeFax.Dotx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jinfo.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Berlin rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup-impl.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\HEADER.GIF rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\precomplete rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02758U.BMP rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\CANYON.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR28F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-attach.xml rundll32.exe File opened for modification C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21298_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libremoteosd_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdtv_plugin.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_matte.wmv rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_autodel_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-4 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewFrame.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382925.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00820_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01805_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_right.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00648_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLN.PPT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.DEV_COL.HXT rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Rothera rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10256_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-progress-ui.xml rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\es.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OART.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Module.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbytools.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01151_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\license.html rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\greenStateIcon.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\El_Aaiun rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\StatusDoNotDisturb.ico rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libzvbi_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00391_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Solstice.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\JPEGIM32.FLT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME41.CSS rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Marquesas rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psmachine.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_same_reviewers.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\PicturesToolIconImages.jpg rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-today.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00798_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadrh15.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\SY______.PFB rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL01394_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00390_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\3difr.x3d rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_48.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105502.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03466_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03224I.JPG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Godthab rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Phoenix rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0301432.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.REST.IDX_DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.c rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\about.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-favorites.xml rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt55.ths rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_pressed.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21308_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository_1.2.100.v20131209-2144.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-sampler.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-ui.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Premium.css rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can129.hsp rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\CsiSoap.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00531L.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Madrid rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7TSFrame.png rundll32.exe File opened for modification C:\Program Files\CopyDisconnect.pub rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107748.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGATNGET.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\WHOOSH.WAV rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_s.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.server_8.1.14.v20131031.jar rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\skchobj.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe Root Certificate.cer rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.ComponentModel.DataAnnotations.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14752_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaSansDemiBold.ttf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDREQL.ICO rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\settings.js rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_hov.png rundll32.exe File opened for modification C:\Program Files\SwitchTest.dwfx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBCAL.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LABEL98.POC rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msadcer.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ceuta rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115839.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_copy_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_few-showers.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-stdio-l1-1-0.dll rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\sqmapi.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086428.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_right.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01164_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EntityPickerIntl.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10255_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsVersion1Warning.htm rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00437_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239973.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Moscow rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MOR6INT.REST.IDX_DLL rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Vostok rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_center.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft.Office.InfoPath.targets rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00015_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\settings.html rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Tucuman rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\ED00019_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OutDomain.ico rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21448_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox_1.0.500.v20131211-1531.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-coredump.xml rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Resource.zip rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185818.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EquityLetter.Dotx rundll32.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql90.xsl rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\settings.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00882_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL077.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EntityDataHandler.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00135_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02398_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01179J.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\settings.html rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Brunei rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\license.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Internet Explorer\SIGNUP\install.ins rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00105_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107512.WMF rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Activities.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME25.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18182_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libhqdn3d_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGREPFRM.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\STUDIO.ELM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_underline.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01143_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\FeedSync.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\management.properties rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\oskmenubase.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15276_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Thimphu rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_zh_CN.jar rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\stdole.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CGMIMP32.HLP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBCALSO.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR17F.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Mail\MSOERES.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_choosecolor.gif rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1252.TXT rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdav1d_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_few-showers.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\System\ado\msadomd.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mip.exe rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_rainy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18222_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01268_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\VIEW.JS rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_rainy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02041_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BROCHURE.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\BLUEPRNT.ELM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Microsoft.Office.Infopath.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\calendar.js rundll32.exe File opened for modification C:\Program Files\Windows Defender\MpSvc.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLSLICER.DLL.IDX_DLL rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_item.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\AD98.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SETLANG_F_COL.HXK rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libaddonsfsstorage_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\profilerinterface.dll rundll32.exe File opened for modification C:\Program Files\Internet Explorer\en-US\jsprofilerui.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00308_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Campo_Grande rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\THOCR.PSP rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR45B.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspeex_resampler_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util.gui_1.7.0.v200903091627.jar rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.CSD rundll32.exe File opened for modification C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\hy.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CNFNOT32.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200189.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\default_apps\docs.crx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04326_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGDOTS.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14984_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\1.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00172_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_gu.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\mshwLatin.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153091.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\OFFICE10.DLL rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Helsinki rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15020_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Johannesburg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01218_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Apothecary.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanMergeLetter.Dotx rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over_BIDI.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TAIL.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Adjacency.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086478.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Apothecary.xml rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passportcover.png rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SaveAsRTF.api rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-next-static.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsImageTemplate.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_OliveGreen.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\INVITE.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN022.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\InformationIcon.jpg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00712_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Apex.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Austin.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Concourse.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.util_8.1.14.v20131031.jar rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jarsigner.exe rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_pressed.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00017_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\accessibility.properties rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\xmlrw.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-ui.xml rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bahia_Banderas rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00693_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmc.ini rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha1.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\sd\jamendo.luac rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME39.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD20013_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099157.JPG rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\glib-lite.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-dock.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msader15.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21315_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kamchatka rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL102.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\Microsoft.Office.InfoPath.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\zipfs.jar rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\default_apps\drive.crx rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\liveleak.luac rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Manaus rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01251_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00297_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Denver rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199475.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Runtime.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_right.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-explorer.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00142_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PAPER_01.MID rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\43.png rundll32.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\timeZones.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AUTHZAX.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01293_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\BHOINTL.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.api rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00516L.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\Attachments.jpg rundll32.exe File opened for modification C:\Program Files\Windows Mail\MSOERES.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR15F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\MessageHistoryIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21327_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.win32.x86_64_1.0.100.v20130327-1442.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Danmarkshavn rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE01172_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\WT61ES.LEX rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libstl_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans_1.2.200.v20140214-0004.jar rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_thunderstorm.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\OUTDR_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Urban.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\PAB.SAM rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guam rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Karachi rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_TexturedBlue.gif rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\gadget.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASK.CFG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yerevan rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\FPSRVUTL.DLL rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_sv.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Media.accdt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185800.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIGN.DPV rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\libxslt.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.DLL.IDX_DLL rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ml.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\OutlineToolIconImages.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090390.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02424_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Month_Calendar.emf rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\km\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN002.XML rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\logging.properties rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\tzmappings rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.bfc rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VVIEWDWG.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLINTL32.REST.IDX_DLL rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_s.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.resources_3.9.1.v20140825-1431.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\classlist rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)notConnectedStateIcon.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.configuration_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00139_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152690.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeUpdater.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer.bat rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.pb_2.3.5.v201404071733.jar rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\da.pak rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Budapest rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\msvcp140.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADVZIP.DIC rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\icon.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\MST7MDT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR29F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Brunei rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\jvm.hprof.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14980_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santo_Domingo rundll32.exe File opened for modification C:\Program Files\DVD Maker\DVDMaker.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099160.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02398U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Foundry.eftx rundll32.exe File opened for modification C:\Program Files\Windows Media Player\wmpshare.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MORPH9.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_distributed.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\AddToViewArrowMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\MessageBoxIconImages.jpg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\Parity.fx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241773.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\spacebackupicons.jpg rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libpanoramix_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\CST6CDT rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Bishkek rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Moncton rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\eula.rtf rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\VSTAClientPkgUI.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\back.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\EVRGREEN.ELM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRINTL32.DLL.IDX_DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.shell_0.10.0.v201212101605.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-io-ui.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\micaut.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.CFG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Nauru rundll32.exe File opened for modification C:\Program Files\7-Zip\Uninstall.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287408.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGMARQ.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WORDREP.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01246_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7ES.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL109.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.inject_1.0.0.v20091030.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\en-US\Sidebar.exe.mui rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\eu.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7cm_en.dub rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099199.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\MSSPC.ECF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18190_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services_3.4.0.v20140312-2051.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guayaquil rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107154.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01294_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PICTPH.POC rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java-rmi.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Pangnirtung rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Sts.css rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576black.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\35.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boise rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01742_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PSRCHKEY.DAT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Office Word 2003 Look.dotx rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\21.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7ES.dub rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRAPH_COL.HXT rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEREP.DLL rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_dummy_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_cloudy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\viewDblClick.js rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBlue.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-queries.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00923_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_settings.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\DiscussionToolIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\new-trigger-wiz.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-private-l1-1-0.dll rundll32.exe File opened for modification C:\Program Files\Windows Defender\en-US\MpAsDesc.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03513_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Slipstream.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\COIN.WAV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\LATIN1.SHP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.Xml.xml rundll32.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceca35.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196354.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tokyo rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\hu.pak rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Funafuti rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kaliningrad rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105386.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00633_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Psychedelic.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rightnav.gif rundll32.exe File opened for modification C:\Program Files (x86)\Windows Mail\en-US\msoeres.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Newsprint.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBHED98.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL078.XML rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_es-419.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01174_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0212299.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00454_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.IE.XML rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-13 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Sts.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Mail\en-US\WinMail.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD05119_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\meta-index rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libddummy_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN092.XML rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BS53BOXS.POC rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\2.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_de.properties rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)grayStateIcon.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\PROOF\MSWDS_FR.LEX rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_over.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\BUTTON.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\background.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FRENCH.LNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185834.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD_COL.HXT rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Aero.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dushanbe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-settings.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00116_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382959.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LOGO98.POC rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-ImageMask.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\25.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_italic.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\BUTTON.GIF rundll32.exe File opened for modification C:\Program Files\DVD Maker\OmdProject.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BIZCARD.XML rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee90.tlb rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+11 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessData.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198113.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\java.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DiscussionToolIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\WindowsMedia.mpp rundll32.exe File opened for modification C:\Program Files\DVD Maker\WMM2CLIP.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01478U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLLEX.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jconsole.jar rundll32.exe File opened for modification C:\Program Files\7-Zip\readme.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02120_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\CURRENCY.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\fi.pak rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novokuznetsk rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ENVELOPR.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_top.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\content-background.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_block_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Araguaina rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\id.pak rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rainy_River rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\mozglue.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00444_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\MTEXTRA.TTF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_pressed.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\BUSINESS.ONE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_VelvetRose.gif rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightItalic.ttf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CRANINST.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105282.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB1A.BDR rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_sun.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_GreenTea.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SAFRI_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBSBR.DPV rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Stars.htm rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Checkers.api rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01701_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\AD.DPV rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\PROOF\MSLID.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CONTACT.CFG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GKExcel.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086424.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145895.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198021.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ogg_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\main.html rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdaprst.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\1.png rundll32.exe File opened for modification C:\Program Files\WriteMerge.mp4 rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\16.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_rainy.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-previous-static.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\javafx.properties rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Merida rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zy______.pfm rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\BodyPaneBackground.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00184_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187647.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\MP00132_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\verify.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONPPTAddin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00298_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OPHPROXY.DLL rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\softedges.png rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\mip.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR6B.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Istanbul rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02373_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENVELOPE.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\MAIL.ICO rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Midway rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\RICEPAPR.INF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Hobart rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00608_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipBand.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\24.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_foggy.png rundll32.exe File opened for modification C:\Program Files\Internet Explorer\F12Resources.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185778.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\performance.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libadaptive_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-coredump.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151045.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152432.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\hprof.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14711_.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\BREEZE.ELM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9YDT rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kiev rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tirane rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\INFOPATH.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSTORE.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\MP00646_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\javafx-doclet.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\java-rmi.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDREST.CFG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kathmandu rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vevay rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZY______.PFB rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\access-bridge-64.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\ChessIconImages.bmp rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCDDSLM.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382961.JPG rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kuala_Lumpur rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl.css rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\Client.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormToolImages.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0384888.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSO.ACL rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_right.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_disabled.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00642_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\System\ado\msado26.tlb rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guayaquil rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21294_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\sd\icecast.luac rundll32.exe File opened for modification C:\Program Files\Windows Mail\en-US\msoeres.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_drop_shadow.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\net.properties rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\orbd.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodbig.gif rundll32.exe File opened for modification C:\Program Files\Windows Journal\JNWDRV.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086426.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\spacer_highlights.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kiritimati rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN054.XML rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.Design.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers.xml rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libvhs_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+6 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101863.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105286.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_right.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RESENDS.ICO rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\pl.pak rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Dublin rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_VelvetRose.gif rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt04.hsp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02369_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\SaslPrepProfile_norm_bidi.spp rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG.wmv rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00252_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmiregistry.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR15F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\com-sun-tools-visualvm-modules-startup.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\AXIS.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\VeriSignLogo.jpg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application-views.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01680_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_read_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Tasks.accdt rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hebron rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198016.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\SmallLogoDev.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.DEV_COL.HXC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00192_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PSRCHPHN.DAT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\CALENDAR.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-modules.xml rundll32.exe File opened for modification C:\Program Files\Windows Mail\oeimport.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Hardcover.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BOAT.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0197983.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_left.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\RPLBRF35.CHM rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Asuncion rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Vostok rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0171847.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Module.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.HXS rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui_3.106.0.v20140812-1751.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh88 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-attach.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsBlankPage.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0240157.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PULLQUOTEBB.POC rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TabIpsps.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaorar.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler.xml rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\STSUPLD.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL048.XML rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page.wmv rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Ndjamena rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SOCIALPROVIDER.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101861.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR00.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-loaders.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02749G.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Onix32.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierWindowMaskRTL.bmp rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Karachi rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14829_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewFrame.html rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Form.zip rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedback.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XOCR3.PSP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\RESUME.DPV rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureA.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14794_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR35F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santiago rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Eucla rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow.css rundll32.exe File opened for modification C:\Program Files\Windows Journal\Templates\Graph.jtp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099188.JPG rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\dtplugin\deployJava1.dll rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.DataSetExtensions.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\46.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02116_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Fakaofo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh.htm rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099148.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_hover.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\ORG97R.SAM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mshwLatin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ext_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\uarrow.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00204_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_h.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21313_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBENDF98.CHM rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_left.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\STUDIO.INF rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.Design.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_h.png rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\default_apps\external_extensions.json rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-plaf.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsBrowserUpgrade.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL082.XML rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Soft Blue.htm rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspatialaudio_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-2 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_ja.jar rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\removed-files rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado25.tlb rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_m.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\msvcr100.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Catamarca rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\pt-br.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107300.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ReviewRouting_Review.xsn rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RECS.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Brisbane rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0217698.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FOLDPROJ.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14582_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libdeinterlace_plugin.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBUI6.CHM rundll32.exe File opened for modification C:\Program Files\MergeCompress.WTV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR45F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18249_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libttml_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\4.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\boot.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Casual.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107544.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jni.h rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psuser_64.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_s.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\currency.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01157_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293234.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR4F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RCLRPT.CFG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Sao_Paulo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153514.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341636.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Microsoft.Office.InfoPath.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\UCT rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\QuickTime.mpp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Canary rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-uisupport.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EXSEC32.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SAMPLES\SOLVSAMP.XLS rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\jli.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7db.kic rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\RSSFeeds.html rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Stanley rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\cs.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187861.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN110.XML rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\InkObj.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\720x480blacksquare.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSODCW.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GROOVE_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javadoc.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR21F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21481_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rankin_Inlet rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPreviewTemplate.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGHEADING.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-left.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ENFR\MSB1ENFR.ITS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR1F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21365_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\fa.pak rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-tabcontrol.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107264.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00396_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\10.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\RIPPLE.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7MODELS000A.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SPANISH.LNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281632.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLLIBR.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02045_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART5.BDR rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\icucnv36.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql70.xsl rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7MODELS000C.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00174_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_09.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01931J.JPG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_75_ffe45c_1x100.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Teal.css rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\ReachFramework.dll rundll32.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yerevan rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\ExcelMUI.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageSmall.jpg rundll32.exe File opened for modification C:\Program Files\UnblockTest.bat rundll32.exe File opened for modification C:\Program Files\Internet Explorer\msdbg2.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.htm rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqlxmlx.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_rest.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\BLUECALM.ELM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR5F.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\ED00184_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\CLICK.WAV rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSUCRES.DLL rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libscte18_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_foggy.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_mr.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ru.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\GWE.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_ja.jar rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Center rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00921_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099149.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PSSKETSM.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Seyes.emf rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_settings.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.expressions_3.4.600.v20140128-0851.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Casey rundll32.exe File opened for modification C:\Program Files\Java\jre7\LICENSE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\INTLDATE.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Origin.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGACCBAR.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hiring Requisition - Customized.fdt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21306_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\twitch.luac rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-multitabs.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105336.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341645.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GROOVE.HXS rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02413_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Clarity.thmx rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\winamp2.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00296_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02313_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\w2k_lsa_auth.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\settings.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_pt_BR.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\TexturedBlue.css rundll32.exe File opened for modification C:\Program Files\Windows Photo Viewer\PhotoViewer.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02264_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00194_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\MANIFEST.MF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\HEADER.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01548_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Opulent.eftx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands_3.6.100.v20140528-1422.jar rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32Info.exe rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\IRIS.ELM rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151047.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341557.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00168_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\BTINTERNET.NET.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_FormsHomePageBlank.gif rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Portal\PortalConnectCore.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_settings.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14692_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\HEADER.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STORYBB.DPV rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Aqtau rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sampler.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\1 Top.accdt rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayenne rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nassau rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107132.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Grid.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Perspective.eftx rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_up.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\slideShow.html rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Singapore rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ro.pak rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_100_eeeeee_1x100.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199609.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0315447.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BDRTKFUL.POC rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Luna.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\PhotoAcq.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01178_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mahe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_ja.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\El_Salvador rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Monaco rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Tell_City rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\hr.txt rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ACE.dll rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS_F_COL.HXK rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Sakhalin rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOInstallerUI.dll rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01660_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBARBLL.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7FR.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR18F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OutSyncPC.ico rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Bermuda rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NAME.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ApothecaryResume.dotx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\schemagen.exe rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledbjvs.inc rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.SharePoint.BusinessData.Administration.Client.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\NOTES.ICO rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Xml.Linq.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-io-ui.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.properties rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00853_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONINTL.REST.IDX_DLL rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back_lrg.png rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsFormsIntegration.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\MST7 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Maceio rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Skins\Revert.wmz rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00145_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\PST8PDT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\OOFL.ICO rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\20200616092700.pma rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14832_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EXPLR_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099203.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02431_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT_COL.HXT rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util.xml rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.fca rundll32.exe File opened for modification C:\Program Files\WatchFormat.wmf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGZIP.DPV rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_down.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt_0.11.101.v20140818-1343.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00190_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\TaskbarIconImagesMask256Colors.bmp rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_stats_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_bullets.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONENOTEMANAGED.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0183198.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DataViewIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_stl_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_48.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\SessionOwner.ico rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegaudio_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Microsoft.Office.InfoPath.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21433_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Vilnius rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\epl-v10.html rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\axvlc.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00559_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLINTL32.DLL rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\splash.gif rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\glass_lrg.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-outline.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_LinkDrop32x32.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04225_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\WSS\1100.accdt rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.jdp_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Sitka rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATH_COL.HXT rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.cpl rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18231_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\hr.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LTHD11.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL093.XML rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.AddInManager.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME02.CSS rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-util-lookup.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsViewAttachmentIconsMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0251301.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\management\snmp.acl.template rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-multiview.jar rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\slideshow_glass_frame.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings_0.10.200.v20140424-2042.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Groove.gif rundll32.exe File opened for modification C:\Program Files\Java\jre7\Welcome.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099189.JPG rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\heart_glass_Thumbnail.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_Premium.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLWVW.DLL.IDX_DLL rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask_PAL.wmv rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfps_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticattribute.exsd rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107350.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239953.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR51F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Noumea rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-math-l1-1-0.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEB11.POC rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Fiji rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Eirunepe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00369_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107494.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01563_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MUAUTH.CAB rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORM.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART1.BDR rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_all.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Sort\TITLE.XSL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\LOOKUP.DAT rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\highlight.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_window.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.svg_1.1.0.v201011041433.jar rundll32.exe File opened for modification C:\Program Files\Windows Journal\InkSeg.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OSPP.VBS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0186364.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382836.JPG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\epl-v10.html rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libvcd_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Barbados rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ADD.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00052_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground.wmv rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\1047x576black.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21319_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsBlankPage.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18251_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIcon.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\DAO\dao360.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\ICE.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_Country.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21303_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\reflow.api rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\msaccess.exe.manifest rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLCTL.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javaw.exe rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\ReadOutLoud.api rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_120.jpg rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ko-kr.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsBrowserUpgrade.html rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicTSFrame.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\OFFICE10.MMW rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0235319.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MAIN.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\wsimport.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-execution.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-templates.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsImageTemplate.html rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_fdf5ce_1x400.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\Proofing.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\currency.css rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\La_Rioja rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\PowerPointMUI.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7Handle.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00458_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Module.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR36F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierUpArrow.jpg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ru.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\slideshow_glass_frame.png rundll32.exe File opened for modification C:\Program Files\Common Files\System\DirectDB.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00231_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00671_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circle_glass_Thumbnail.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VS_ComponentSigningIntermediate.cer rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153307.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02446_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Green Bubbles.htm rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_rainy.png rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.Design.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libextract_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-options.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\DELETE.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0234001.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPUNCT.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.DEV_F_COL.HXK rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Wrinkled_Paper.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00413_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143743.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14981_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21299_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+12 rundll32.exe File opened for modification C:\Program Files\Internet Explorer\pdm.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099184.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\34.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\JdbcOdbc.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP.bat rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ko.pak rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\kaa.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\msproof7.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00443_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\settings.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0238927.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\QP.DPV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\msvcr100.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105638.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0148309.JPG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Darwin rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_228ef1_256x240.png rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\da.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Grid.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\POSTCD98.POC rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\45.png rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PDDom.api rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\decorative_rule.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18203_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_ca.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287019.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0157763.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\jawt.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Pine_Lumber.jpg rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\RIPPLE.ELM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Generic.css rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Niue rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01126_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01236_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.DEV_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IEContentService.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable_1.4.1.v20140210-1835.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montevideo rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\epl-v10.html rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.ths rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18217_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sv\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Magadan rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSRuntimeUI.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01638_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01472_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UTC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsFormTemplate.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04196_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\EUROTOOL.XLAM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18193_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Zurich rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\StarterToolTemplates.xml rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\main.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00610_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Paper.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.war rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE06049_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\ORG97.SAM rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\logo.png rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Stars.jpg rundll32.exe File opened for modification C:\Program Files\Windows NT\Accessories\wordpad.exe rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\icon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD10972_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239063.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\acro20.lng rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Inuvik rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Managua rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Net.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00760L.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libqsv_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\ACWZUSR12.ACCDU rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.DEV_COL.HXC rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Oslo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hebron rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\epl-v10.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Oriel.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0205462.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODBC.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\RICHED20.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00433_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\VelvetRose.css rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ust-Nera rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Internet Explorer\iediagcmd.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0102002.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152558.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.DEV_F_COL.HXK rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OMSXP32.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00525_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01746_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledbvbs.inc rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\excelcnvpxy.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00998_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Hand Prints.htm rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\CAN.WAV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\INFOMS.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00391_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0205466.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_up.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.bat rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME05.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\ALERT.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubsusf_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-multitabs.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POSTIT.CFG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Srednekolymsk rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00448_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\1.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152696.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.cer rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\ZoneInfoMappings rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0302953.JPG rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OPTINPS.DLL rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_down.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.jetty_3.0.200.v20131021-1843.jar rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21334_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15057_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185806.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200377.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack200.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\promointl.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\MedianMergeFax.Dotx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\42.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tbilisi rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-text.xml rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\omni.ja rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02451_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLBAR.INF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1040\hxdsui.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02009_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00095_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\en-US\msader15.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-annotations-common.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BRCHUR98.POC rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.EPS rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\BLUEPRNT.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MIMEDIR.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\RTFHTML.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00390_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239967.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_VideoInset.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\reflect.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Customer Support.fdt rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_up.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_windy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_pressed.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\PAWPRINT.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\v8_context_snapshot.bin rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down_BIDI.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Martinique rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_hail.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Madeira rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00814_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107514.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187829.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\SKY.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as80.xsl rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.WorkflowServices.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface_3.10.1.v20140813-1009.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\YST9 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-util-enumerations.jar rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\ucrtbase.dll rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\update-settings.ini rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENVHM.POC rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\whiteband.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Rangoon rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_10.MID rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ir.idl rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\WhiteDot.png rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\VBAOWS10.CHM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-fallback.xml rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\end_review.gif rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POSTITS.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-execution.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01603_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341634.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN058.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GROOVE_COL.HXC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPCORE.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Waveform.xml rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\title_stripe.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_win7.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152556.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21337_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\profile.jfc rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_bullets.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Azores rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\OFFISUPP.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Tulip.jpg rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Currie rundll32.exe File opened for modification C:\Program Files\UnregisterStop.midi rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00578_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\WidevineCdm\LICENSE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectStatusIconsMask.bmp rundll32.exe File opened for modification C:\Program Files\Internet Explorer\en-US\eula.rtf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\excel.exe.manifest rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152892.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\java_crw_demo.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTORE_COL.HXT rundll32.exe File opened for modification C:\Program Files\Common Files\System\ado\msador15.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107730.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01255G.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01566_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRLEX.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WZCNFLCT.CHM rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\abcpy.ini rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\libGLESv2.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\messageboxalert.ico rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SELFCERT.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGLINACC.DPV rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdaterInstallMgr.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Windows Journal\Templates\To_Do_List.jtp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0168644.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239611.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Computers\computericonMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chuuk rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02262_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\atl.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CONFLICT.ICO rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssLogo.gif rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_docked.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\36.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Lima rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\SWBELL.NET.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLLIBR.REST.IDX_DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInAcrobat.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGSTORY.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FPERSON.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME40.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\CreateSpaceImageMask.bmp rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\settings.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Earthy.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiItalic.ttf rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\clock.css rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL016.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLPERF.H rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveNewsletter.dotx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\29.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libsubsdelay_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\F12Tools.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00255_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PICSTYLES.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WWINTL.DLL.IDX_DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)redStateIcon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00130_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105376.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libadummy_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\LINEAR_RGB.pf rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Tegucigalpa rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Pushpin.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\SKY.ELM rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.APL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\TECHTOOL.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\j2pcsc.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEWSTR.DLL rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341559.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0305493.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnOL.dll rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Royale.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile16.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18255_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CARBN_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00084_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01013_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02155_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02742G.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\3.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Earthy.gif rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\VideoLAN Website.url rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00274_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152882.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\RADIO.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\LASER.WAV rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEEXCL.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR48F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Port_of_Spain rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-charts.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00040_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099173.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PSRETRO.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02055_.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Ojinaga rundll32.exe File opened for modification C:\Program Files\DVD Maker\fieldswitch.ax rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01152_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Grid.xml rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hr.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\00_musicbrainz.luac rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-plaf.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Hardcover.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows NT\Accessories\en-US\wordpad.exe.mui rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msmdlocal.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_hail.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mousedown.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\HST rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\bundles.info rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\br.txt rundll32.exe File opened for modification C:\Program Files\Windows Journal\Templates\Memo.jtp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCOUPON.DPV rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\currency.data rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-execution.xml rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0227558.JPG rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115866.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Urban.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Metro.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\SEAMARBL.HTM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.RSA rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.common_3.6.200.v20130402-1505.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_CN.properties rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01145_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099177.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_cloudy.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\navSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DigitalInk.jpg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-spi-actions.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02417U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0299125.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\ssvagent.exe rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_right.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OSPP.HTM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Easter rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left_over.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\InfoPathOMFormServicesV12\Microsoft.Office.InfoPath.xml rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\F12Tools.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199483.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR7F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDRESN.CFG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Urban.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GIFT.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR32F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Saipan rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\SHOT.WAV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text_3.5.300.v20130515-1451.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\core_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107724.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02740G.GIF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_f6f6f6_1x400.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099154.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0157191.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\GB.XSL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7wre_es.dub rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ml\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-options-api.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Sales Pipeline.accdt rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01196_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATH_F_COL.HXK rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\45.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\zip.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Median.thmx rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_48.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099159.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PAPYRUS.ELM rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\d3d9\libdirect3d9_filters_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen.css rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\auxbase.xml rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\bn.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00734_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00915_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199283.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR39F.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.LIC rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Volgograd rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\BUTTON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Simple.dotx rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ReachFramework.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Copenhagen rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_ja.jar rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\minidump-analyzer.exe rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\IEShims.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\TECHTOOL.HTM rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\CONCRETE.INF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\44.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vienna rundll32.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151061.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216540.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\adcvbs.inc rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200289.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SMSL.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradient_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePageScript.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00524_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02754U.BMP rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonSubpicture.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\gstreamer-lite.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CharSetTable.chr rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.properties rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_rest.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_h.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)greenStateIcon.png rundll32.exe File opened for modification C:\Program Files\Internet Explorer\iedvtool.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Defender\MpClient.dll rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\jsprofilerui.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382970.JPG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\jfluid-server-15.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\POLICIES.FDT rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\6.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Luxembourg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+10 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Halifax rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107426.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pencht.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_snow.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-image-mask.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.artifact.repository.prefs rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-image-mask.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP.bat rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\HST10 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099194.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0230553.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00810_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02125_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POSTL.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21296_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ZoomIconsMask.bmp rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPMediaSharing.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BOATINST.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099161.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_shared.gif rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\eula.ini rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Whitehorse rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\HEADER.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGM.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-BoldIt.otf rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\1047x576black.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18246_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00407_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00050_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmagnify_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util-lookup.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Tiki.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10308_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02106_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PRTF9.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_INIT.XSN rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GR8GALRY.GRA rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\0.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00352_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.servlet_3.0.0.v201112011016.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\New_Salem rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\javaws.exe rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libattachment_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14754_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nome rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0233512.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\jsse.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mraut.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single.png rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-conio-l1-1-0.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-V rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\1px.gif rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Warsaw rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dili rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\DiagnosticsTap.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7cm_fr.dub rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Waveform.eftx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipTsf.dll.mui rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\TipsImage.jpg rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_nv12_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer.png rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\lv.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Couture.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\SUCTION.WAV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EssentialResume.dotx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director_2.3.100.v20140224-1921.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\tab_off.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NAVBRPH1.POC rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_bottom.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\CONCRETE.ELM rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\month.png rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\MEIPreload\manifest.json rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-ui.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_ja.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\GIFIMP32.FLT rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Bears.jpg rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\utilityfunctions.js rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png rundll32.exe File opened for modification C:\Program Files\Internet Explorer\en-US\jsdbgui.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01080_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_videoinset.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Training.potx rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Utilities.v3.5.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\management\jmxremote.password.template rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\attention.gif rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\9.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Samara rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\splashscreen.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\WebKit.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_m.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\settings.html rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\wlsrvc.dll rundll32.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnetwk.exe.mui rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\2.png rundll32.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmplayer.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107734.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRAPH_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Windows Journal\PDIALOG.exe rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ne.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Pushpin.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePage.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Verve.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\WANS.NET.XML rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_HK.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\GRIP.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7tkjp.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0279644.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02748G.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03379I.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21301_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\83.0.4103.106\83.0.4103.106_chrome_installer.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\NVBELL.NET.XML rundll32.exe File opened for modification C:\Program Files\Common Files\System\ado\msado28.tlb rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Sort\TAG.XSL rundll32.exe File opened for modification C:\Program Files\ReceivePing.ex_ rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWCUTCHR.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101866.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\QP.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14982_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\settings.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-windows.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196142.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macGrey.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Austin.eftx rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penusa.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libmmdevice_plugin.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSCONFIG.CHM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageMaskSmall.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00261_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PRRTINST.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESTS.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluTSFrame.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107314.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MAPISHELLR.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search5.api rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_TexturedBlue.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jmx.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\flyout.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\launcher.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\cpyr.htm rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\mn.txt rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\manifest.json rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01160_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-convert-l1-1-0.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200151.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00157_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00938_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\System\ado\msadrh15.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\REMINDER.WAV rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\logo.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099181.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198025.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CONTACTL.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libvod_rtsp_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\epl-v10.html rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa37.hyp rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.ComponentModel.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\PublicFunctions.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate.css rundll32.exe File opened for modification C:\Program Files\Windows Defender\MsMpRes.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00390_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome_100_percent.pak rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateBroker.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\EVRGREEN.INF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Montevideo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\javafx-font.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\PROOF\MSWDS_ES.LEX rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\logo.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Cape_Verde rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EXLIRMV.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL01041_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00683_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.contenttype_3.4.200.v20140207-1251.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02082_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_10_p010_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-down.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad.png rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_el.dll rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Abstractions.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\LAYERS.ELM rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\ImagingDevices.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01046J.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02750G.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGDOTS.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chicago rundll32.exe File opened for modification C:\Program Files\Windows Defender\MsMpCom.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_lv.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\.eclipseproduct rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RESEND.CFG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTBOX.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106208.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MARQUEE.POC rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libau_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewAttachmentIcons.jpg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.app_1.3.200.v20130910-1609.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199473.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285796.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02750U.BMP rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Garden.jpg rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\msaddsr.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WebToolIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\AST4ADT rundll32.exe File opened for modification C:\Program Files\7-Zip\7z.exe rundll32.exe File opened for modification C:\Program Files\Internet Explorer\en-US\ieinstal.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198022.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTORE_COL.HXC rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Boa_Vista rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_zh_CN.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\28.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_snow.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\iedvtool.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.InfoPath.Client.Internal.CLRHost.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00010_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03012U.BMP rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBPAGE.DPV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\jni_md.h rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR33F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Edmonton rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\skin.catalog rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)redStateIcon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Payment Type.accft rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01629_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL012.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_right.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\logger\libfile_logger_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00077_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341455.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fr.dll rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msdaremr.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\THIRDPARTYLICENSEREADME.txt rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdmo_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\master_preferences rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Qyzylorda rundll32.exe File opened for modification C:\Program Files\ConnectSelect.dib rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00351_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101865.BMP rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSOSV.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00236_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AUDIOSEARCHSAPIFE.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CLVIEW.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALENDAR.XML rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Manaus rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\mailapi.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01607U.BMP rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Blue_Gradient.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_m.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)notConnectedStateIcon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215070.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR28F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR34F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-io_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\MLA.XSL rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\mobile.css rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Paris rundll32.exe File opened for modification C:\Program Files\Windows Photo Viewer\ImagingEngine.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02465_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\README.HTM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\fontmanager.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_floating.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\simplexml.luac rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libtcp_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOHTMED.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01569_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02276_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\jce.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_sv.properties rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Lima rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_ja.jar rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.sig rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198372.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_livehttp_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseout.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00297_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099198.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\glass.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIcon.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dubai rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00254_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02265_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\serialver.exe rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\icon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152590.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN095.XML rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hi.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576_91n92.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\SUMIPNTG.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21321_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\default_apps\gmail.crx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Fiji rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GKPowerPoint.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\powerpnt.exe.manifest rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\AMERITECH.NET.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\logo.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-progress.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsImageTemplate.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImage.jpg rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\PST8 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiling.jar rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.VisualC.STLCLR.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\awt.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmiregistry.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Sts2.css rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_snow.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Belem rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\DataSet.zip rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Urban.xml rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\adojavas.inc rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Management.Instrumentation.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked-loading.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02187_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Krasnoyarsk rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsPreviewTemplate.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\topnav.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0213243.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEXBE.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\greenStateIcon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\1033\MSGR3EN.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153095.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaTypewriterRegular.ttf rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Nairobi rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLTASKR.FAE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\PublicFunctions.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00122_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00414_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01245_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Solstice.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\background.gif rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\cy.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00257_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199549.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvmstat.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Inuvik rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MLSHEXT.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03668_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libnormvol_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jayapura rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\BG_ADOBE.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1250.TXT rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdfmap.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\MakeAccessible.api rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)redStateIcon.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Trek.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\BUZZ.WAV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansDemiBold.ttf rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\security\blacklist rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_thunderstorm.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Mauritius rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOCF.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241037.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdfmap.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\1047x576black.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.xml rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.DEV_F_COL.HXK rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OriginResume.Dotx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\Analysis\ANALYS32.XLL rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-10 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\ACTIVITS.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\common.luac rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Urumqi rundll32.exe File opened for modification C:\Program Files (x86)\Windows Defender\MpAsDesc.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101859.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02450_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.OPG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Recife rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-execution_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\CASHREG.WAV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Sakhalin rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPTSFrame.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00419_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107282.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03331_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN027.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-bootstrap.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-javahelp.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-editor-mimelookup-impl.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\BUTTON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OIS_K_COL.HXK rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\icon.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libaudioscrobbler_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Porto_Velho rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cuiaba rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-heapdump.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00524_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\DefaultBlackAndWhite.dotx rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\localizedStrings.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\GRIPMASK.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\SOLVER\SOLVER32.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115842.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18213_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBCOLOR.SCM rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledb32.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_m.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090783.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME12.CSS rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Yakutat rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.Office.Tools.v9.0.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\background.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00736_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\sa-jdi.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FAX\OrielFax.Dotx rundll32.exe File opened for modification C:\Program Files\Windows Media Player\wmpconfig.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01468_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\System\ado\adovbs.inc rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AssemblyInfoInternal.zip rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_mp4_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\profilerinterface.dll rundll32.exe File opened for modification C:\Program Files\Windows Defender\MpAsDesc.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099179.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Composite.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDCNCL.CFG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIGN98.POC rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\WindowsAccessBridge-64.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\DATES.XML rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.STC rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pitcairn rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152610.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santa_Isabel rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-text.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\AdjacencyReport.dotx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPREARM.EXE rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\info.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Toronto rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_zh_TW.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_srt_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Belize rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099147.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199465.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sk.dll rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.Design.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\invalid32x32.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\CHICAGO.XSL rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcolorthres_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\browse_window.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_globalstyle.css rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\kab.txt rundll32.exe File opened for modification C:\Program Files\Windows Journal\Templates\Music.jtp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00452_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR2B.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\plugin.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guyana rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00155_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188519.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBCAL.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\DADSHIRT.HTM rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\tesselate.x3d rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-highlight.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnsc_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\SY______.PFM rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-processthreads-l1-1-1.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01015_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Xlate_Complete.xsn rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\adovbs.inc rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson_Creek rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047_576black.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\security\US_export_policy.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\FONTSCHM.INI rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Medium.jpg rundll32.exe File opened for modification C:\Program Files\Windows Media Player\wmpnscfg.exe rundll32.exe File opened for modification C:\Program Files\DVD Maker\bod_r.TTF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107138.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STORYVERTBB.DPV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-5 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\epl-v10.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198020.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Newsprint.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\BCSAddin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Rome rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\klist.exe rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Jujuy rundll32.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\ContentDirectory.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00336_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\EPSIMP32.FLT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0179963.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL01565_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup-impl.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15133_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00694_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_h.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_windy.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_pt_BR.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02368_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Shorthand.emf rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.UDT rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\release rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.rcp_4.3.100.v20141007-2301.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\luac.luac rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Vladivostok rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.LTS rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\en.ttt rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\management-agent.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipscsy.xml rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql2000.xsl rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OFFOWCI.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21495_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115834.GIF rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Luna.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePageStyle.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPTIRMV.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01761_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\OMSMMS.CFG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Amsterdam rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-ui.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00560_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Opulent.xml rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-BoldOblique.otf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR49B.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14757_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\SPLASH.WAV rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSLaunch.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01235U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DVDHM.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\IntroducingPowerPoint2010.potx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285808.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00014_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jawt.lib rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODDBS.DLL rundll32.exe File opened for modification C:\Program Files\Internet Explorer\ieproxy.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\en-US\WMM2CLIP.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01179_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281008.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\about.html rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\XmlFile.zip rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\fxplugins.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libsharpen_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util_1.7.0.v201011041433.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.ds_1.4.200.v20131126-2331.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\npdeployJava1.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\ActionsPane3.xsd rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\currency.data rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EquityResume.Dotx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yakutat rundll32.exe File opened for modification C:\Program Files\ConnectExpand.ADTS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0298897.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSPTLS.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OSETUPUI.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR1F.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_h.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tashkent rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\webbase.xml rundll32.exe File opened for modification C:\Program Files\FindBlock.pps rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382938.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ClassicPhotoAlbum.potx rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-visual.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Juneau rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\RenderingControl.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\STUBBY1.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02085_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\ktab.exe rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_snow.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\DELETE.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00172_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0089992.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02423_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SETLANG_COL.HXC rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Gradient.png rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw32.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0090386.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_left.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21314_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libwebvtt_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Chicago rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-spi-quicksearch.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00459_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293828.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB11.BDR rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.DEV_COL.HXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\J0115855.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Indianapolis rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00110_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\DEEPBLUE.INF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKREQL.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0282932.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEERR.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_rest.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\meta-index rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_no.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\pushplaysubpicture.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\ui.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01631_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\JAVA_01.MID rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL110.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\VVIEWRES.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.htm rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15134_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.properties.src rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14996_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Rio_Gallegos rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01157_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WING2.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN044.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Enderbury rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\BTOPENWORLD.COM.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\37.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14677_.GIF rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Troll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BIZFORM.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21297_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\settings.js rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ru.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN01308_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199036.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ApothecaryMergeLetter.dotx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\pack200.exe rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\RenderingControl.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OneNoteSyncPCIntl.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21548_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\validation.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00629_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Faculty.accdt rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\library.js rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Anadyr rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Newsprint.eftx rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\4.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_rest.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Fakaofo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OLMAPI32.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185670.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\extcheck.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\eqnedt32.exe.manifest rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_client.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00913_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendtoOneNoteFilter.gpd rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REMOTES.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABMASK.BMP rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_zh_CN.jar rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_initiator.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\INDOMAIN.ICO rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Tulip.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msmdsrv.rll rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\decora-sse.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-static.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libedummy_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app_1.0.300.v20140228-1829.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00914_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02752U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REPLTMPL.CFG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarViewButtonImages.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.DEV_COL.HXT rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateHelper.msi rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libogg_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_up.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\gfserrortogroove.ico rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18185_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMANIAN.TXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.InfoPath.FormControl.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187835.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Jujuy rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_hyperlink.gif rundll32.exe File opened for modification C:\Program Files\Internet Explorer\ie9props.propdesc rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01627_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\DataServices\DESKTOP.INI rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)grayStateIcon.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Vancouver rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01848_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00768_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02028_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0088542.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LTHD98SP.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QRYINT32.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\settings.html rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseout.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0103812.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\12.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00673L.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00233_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\micaut.dll.mui rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_precomp_matte.wmv rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\license.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONWordAddin.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\join.avi rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dcpr.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSRuntime.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Mendoza rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14830_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Honolulu rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePageSlice.gif rundll32.exe File opened for modification C:\Program Files\Windows Journal\NBMapTIP.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB5B.BDR rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javap.exe rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffffff_256x240.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Adobe.css rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Visualizer.zip rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)notConnectedStateIcon.png rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dataset.zip rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\15x15dot.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\asl-v20.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\LAUNCH.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Process Library.fdt rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_cycle_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\US_export_policy.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABOFF.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0157167.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\System\en-US\wab32res.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msaddsr.dll.mui rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng32.clx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00668_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02958_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLSLICER.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\epl-v10.html rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-join.avi rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\time-span-16.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03453_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01301_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mraut.dll rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Informix.xsl rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\status.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01636_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\logo.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME01.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18212_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_SlateBlue.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01473_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATH_COL.HXC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\CalendarToolIconImages.jpg rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vincennes rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSPPT.OLB rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACETXT.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POSTITL.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Aqtobe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\CLVWINTL.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Discussion.gta rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\settings.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099156.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00723_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02736U.BMP rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sv.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CATALOG.DPV rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.properties rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143746.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\PLUS.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\SPRING.ELM rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libps_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_hover.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EXLIRM.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152594.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mouseover.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FORM.ICO rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\amd64\jvm.cfg rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudiobargraph_a_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-tools.xml rundll32.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00223_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLY98SP.POC rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_rest.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLJRNLR.FAE rundll32.exe File opened for modification C:\Program Files\Windows Media Player\en-US\setup_wm.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090779.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOMessageProvider.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\javaws.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105230.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsoundds.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\calendar.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-options-keymap.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145212.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked-loading.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME53.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Adobe.css rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\management\jmxremote.access rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.io_8.1.14.v20131031.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Antigua rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00074_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Clarity.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ADRESPEL.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CA.XML rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\pagecurl.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\RSSFeeds.html rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\APPTL.ICO rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\flyout.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099152.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL044.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\logo.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\CAPSULES.ELM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.sun.el_2.2.0.v201303151357.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Bougainville rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-queries.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\COPYING.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART14.BDR rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\stop_collection_data.gif rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\view.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Brussels rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-container.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00159_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadox.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL.IDX_DLL rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pt-BR.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_h.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_dummy_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt_3.103.1.v20140903-1938.jar rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-visual.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\jsdt.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\SATIN.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierBackground.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15060_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpnssci.dll rundll32.exe File opened for modification C:\Program Files\Windows Journal\Templates\Seyes.jtp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10300_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\settings.css rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_snow.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\WMPDMCCore.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPICCAP.DPV rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\drag.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REPORTL.ICO rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_few-showers.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Anadyr rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0171685.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\IPSEventLogMsg.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\IpsPlugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\journal.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-core-kit.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmpnssui.dll.mui rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\logo.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00247_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00807_.WMF rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\fonts\TwemojiMozilla.ttf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152414.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmjpeg_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Reunion rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\INDUST.ELM rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\security\java.policy rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\7.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\REPTWIZ.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTORE.HXS rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jvmti.h rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_glass_Thumbnail.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-common.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME.txt rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_gather_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\jvm.cfg rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\currency.js rundll32.exe File opened for modification C:\Program Files\WriteConvertTo.ocx rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\create_stream.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePageBlank.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR40F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR47F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME03.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14756_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107328.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200163.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02127_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\NOTEBOOK.JPG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pago_Pago rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SettingsInternal.zip rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-changjei.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7wre_en.dub rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.DEV_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_cloudy.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Matamoros rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\background.gif rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-heap-l1-1-0.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ct.sym rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR27F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsPreviewTemplate.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19988_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239941.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\COPYRIGHT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Shared16x16Images.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Status.accft rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Teal.css rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\MediaReceiverRegistrar.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198102.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\BCSRuntimeRes.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Details.accdt rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_ja.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Small_News.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1031\hxdsui.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_heb.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Thatch.thmx rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OIS_F_COL.HXK rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_rgb.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105332.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\engphon.env rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CSS7DATA000A.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281630.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0284916.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Green Bubbles.htm rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WWLIB.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePageScript.js rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_standard_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiler.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Sts2.css rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\PipelineSegments.store rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\ParentMenuButtonIcon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_justify.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01152_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02443_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\PMAILEXT.ECF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePageBlank.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mspub.exe.manifest rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152898.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SplashScreen.bmp rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\connectionmanager_dmr.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EMSMDB32.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105280.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105490.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_hail.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188669.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.NO.XML rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_issue.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DISTLIST.CFG rundll32.exe File opened for modification C:\Program Files\Windows Journal\JNTFiltr.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonIcon.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\settings.css rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_ring_docked.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IpsMigrationPlugin.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21305_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Detroit rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0172193.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382952.JPG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\attach.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115840.GIF rundll32.exe File opened for modification C:\Program Files\GroupBackup.ppsx rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00076_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107496.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.runtime_3.10.0.v20140318-2214.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\sr-spc.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OFFXML.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00078_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.RSA rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CURRENCY.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01586_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\WT61FR.LEX rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\play-background.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hy\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\MarkupIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Paper.thmx rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\EmptyDatabase.zip rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_windy.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceArray.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00485_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBPAGE.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SETLANG_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400005.PNG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-coredump.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0297707.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OISINTL.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msxactps.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_choosefont.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00525_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_over.png rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VPREVIEW.EXE rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0187423.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jdwpTransport.h rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Windows Journal\en-US\JNTFiltr.dll.mui rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_150.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297727.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Thatch.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03236_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Austin.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl.bat rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\jamendo.luac rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Composite.thmx rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateComRegisterShell64.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21534_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Cairo rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\RE00006_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\ODBC.SAM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\MedianMergeLetter.Dotx rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroTextExtractor.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Major Indicies.iqy rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\dt_shmem.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-split.avi rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\TRANSMRR.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Menominee rundll32.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceAmharic.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0214934.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0300840.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR7B.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\uz.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EntityPicker.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02261_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\rtscom.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293240.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\ONLINE.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Dialog.accdt rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01749_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\TEAROFF.POC rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Resolute rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg_orange.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiling.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\utilityfunctions.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\IMAGE.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02071U.BMP rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\javafx.properties rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14595_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Rio_Gallegos rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090149.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107468.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\bbc_co_uk.luac rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\settings.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cambridge_Bay rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\ECLIPSE_.RSA rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00623_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0282928.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_drop_shadow.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rankin_Inlet rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_choosefont.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunjce_provider.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\RSSFeeds.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\MENUS.JS rundll32.exe File opened for modification C:\Program Files\Internet Explorer\ieinstal.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00286_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_over.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01252_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ORIG98.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\POSTCARD.XML rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fi.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\en-US\OmdProject.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceer35EN.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196358.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00452_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\INCOMING.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\epl-v10.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS_COL.HXC rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\background.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BULLETS.DLL rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_udp_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14768_.GIF rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.ComponentModel.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\liboldmovie_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\17.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01740_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGACCBAR.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.command_0.10.0.v201209301215.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-api-caching.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\CST6 rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Panama rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-execution.xml rundll32.exe File opened for modification C:\Program Files\Windows Media Player\WMPSideShowGadget.exe rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\yo.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152704.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libspdif_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00640_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLMAILR.FAE rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-fallback.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01297_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7EN.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.core_3.5.0.v20120725-1805.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.oracle.jmc.executable.win32.win32.x86_64_5.5.0 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunmscapi.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-charts.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsFormTemplate.html rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeXMP.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR30F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Detroit rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBLINK.POC rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_sml.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\COUGH.WAV rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Gibraltar rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\io.txt rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\MANIFEST.MF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-spi-quicksearch.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Country.gif rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\fi.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02278_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.msi rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Response.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Phoenix rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sampler.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00985_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152876.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Civic.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\TURABIAN.XSL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGSTORYVERT.XML rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqlxmlx.rll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\EXITEMS.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKDECS.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\WSS.ICO rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\drag.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02810J.JPG rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrlatinlm.dat rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESTL.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\SNEEZE.WAV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.SemiTrust.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02282_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrusalm.dat rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\LOCALDV.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GreenTea.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387337.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDCNCLS.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql_2.0.100.v20131211-1531.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hovd rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Bissau rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT_F_COL.HXK rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.jar rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_hov.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\security\local_policy.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text_3.9.1.v20140827-1810.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh89 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\HEADER.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00703L.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libimage_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\LINE.JPG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\jsprofilerui.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD08808_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\sqloledb.rll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTaskIcon.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00468_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01745_.GIF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB.txt rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02062U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03011U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN089.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLN.DOC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15277_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWRECS.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241041.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\wsgen.exe rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yakutsk rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP.bat rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Marketing Projects.accdt rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcc_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00345_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_super.gif rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\BOLDSTRI.INF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Andorra rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\GlobeButtonImage.jpg rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libuleaddvaudio_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\flyoutBack.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Barbados rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-sampler.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ContactPicker.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBORDER.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\pack200.exe rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\RTF_BOLD.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(cm).wmf rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.servlet.jsp_2.2.0.v201112011158.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pl.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18242_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00248_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01858_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTINTL.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as90.xsl rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099180.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_TW.properties rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_LinkDrop32x32.gif rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseover.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382966.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_right.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\CAPSULES.INF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhds_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0102594.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ku.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PRRT.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2ssv.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-nodes.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196364.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\jfxmedia.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Faroe rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Microsoft.VisualStudio.Tools.Applications.DesignTime.tlb rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\license.html rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_super.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SHARING.CFG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Guadalcanal rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Oral rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\dependentlibs.list rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSAEXP30.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153313.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.exe rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\weather.js rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_zh_CN.jar rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\networkinspection.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105328.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0302827.JPG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\accessibility.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Earthy.gif rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\47.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Casual.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-compat.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\AddToViewArrow.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PSTPRX32.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00195_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB9.BDR rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00505_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\BASMLA.XSL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18239_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\11.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_up.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pohnpei rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145361.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0177806.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7EN.LEX rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR48B.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Manila rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00141_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Paper.xml rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\1.7\Microsoft.Ink.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\glow.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\soniccolorconverter.ax rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195342.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sl.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\th.pak rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ashgabat rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\sa.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0238983.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143749.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\10.png rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\BLUECALM.INF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\background.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tahiti rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen.css rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_et.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_left.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiler.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NAMECONTROLSERVER.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Black Tie.xml rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-back-static.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PIXEL.ELM rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\dailymotion.luac rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\splash.gif rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\hu.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187817.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287417.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_browser.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00685_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme_0.9.300.v20140424-2042.jar rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\pt-BR.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OMSMAIN.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107526.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\21.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00224_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01635_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01356_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\tab_on.gif rundll32.exe File opened for modification C:\Program Files\Windows Journal\jnwmon.dll rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\JSProfilerCore.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\huemainsubpicture2.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\RSWOP.ICM rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\open_original_form.gif rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\button-highlight.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler.jar rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_rest.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_cloudy.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ALRTINTL.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\j2pcsc.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0146142.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152688.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0174635.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0292270.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR33B.GIF rundll32.exe File opened for modification C:\Program Files\DVD Maker\en-US\DVDMaker.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Classic.dotx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00526_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_left.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvmstat.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00625_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NAVBAR11.POC rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\jaccess.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hardware Tracker.fdt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR10F.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_over.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\PST8PDT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSACCESS.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\MSOSEC.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-disable.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_Off.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-11 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_ja.jar rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Skins\Revert.wmz rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00438_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POSTS.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tegucigalpa rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\background.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBSBR.XML rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\security\javaws.policy rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\de.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImage.jpg rundll32.exe File opened for modification C:\Program Files\DVD Maker\Pipeline.dll rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\gl.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\REVERSE.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\VSTAProject.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Istanbul rundll32.exe File opened for modification C:\Program Files\Windows Media Player\wmpnssci.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB2B.BDR rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.DataSetExtensions.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libadpcm_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\prism-d3d.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\appletrailers.luac rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\SAVE.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-utilities.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01242_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Median.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\TRANSMGR.DLL rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_selectionsubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_justify.gif rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_dot.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmono_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Port-au-Prince rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EET rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\VIEW.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\eclipse.inf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02053J.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management-agent.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_ja.jar rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX9.x3d rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR31F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00638_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Flow.eftx rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_photo_Thumbnail.bmp rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AXE8SharedExpat.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\msdatasrc.dll rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\DELIMDOS.FAE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR6F.GIF rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\Office32MUI.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_LightSpirit.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00350_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Origin.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_down.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_choosecolor.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309920.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_over.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+4 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\sRGB.pf rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\lt.pak rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Noronha rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-actions.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hong_Kong rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-sendopts.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-desk.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Taipei rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Riga rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_pressed.gif rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\icon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0214098.WAV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\TipsImageMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-lib-uihandler.jar rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\SYMBOL.TXT rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_settings.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14594_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21335_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwasapi_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Algiers rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\epl-v10.html rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\PublicAssemblies\extensibility.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\WATERMAR.INF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\meta-index rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME15.CSS rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REMOTE.CFG rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-synch-l1-2-0.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME-JAVAFX.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLFLTR.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107146.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-11 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0252629.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\OUTEX2.ECF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\YST9YDT rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dili rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00068_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javac.exe rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\eula.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7ES.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME13.CSS rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Nauru rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGZIPC.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\drag.png rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee100.tlb rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Louisville rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\Common.fxh rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19828_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net_1.2.200.v20120807-0927.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145904.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.ID.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_hover.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\29.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285926.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB8.BDR rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.Contract.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Choibalsan rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue.css rundll32.exe File opened for modification C:\Program Files (x86)\Windows Mail\wabfind.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Metro.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01634_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Informix.xsl rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\clock.html rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSansBold.ttf rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-vertical.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14833_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-editor-mimelookup.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerConstraints.exsd rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONINTL.DLL rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Volgograd rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_right.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR22F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18256_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Priority.accft rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ja.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0292286.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeAUM_rootCert.cer rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-overlay.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.RSA rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\asl-v20.txt rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Internet Explorer\DiagnosticsHub_is.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR12F.GIF rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15035_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\BREAK.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01182_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01461_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1CORE.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Resolute rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\AccessibleHandler.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\jfxwebkit.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile16.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\VERSION.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0172067.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0174952.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\VSTARemotingServer.tlb rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKREQS.ICO rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\psfont.properties.ja rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdaremr.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR19F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10336_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\setting_back.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Macquarie rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_zh_CN.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239943.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297229.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_da.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\conticon.gif rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\D3DCompiler_47.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0093905.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198377.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsVersion1Warning.htm rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME14.CSS rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-favorites.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.properties rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ca.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0286068.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked-loading.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00136_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libwgl_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03014_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Curacao rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_TexturedBlue.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpclient_4.2.6.v201311072007.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107280.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ko.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR13F.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd.otf rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_chromecast_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Maldives rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OLKIRM.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPQUOT.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATH.HXS rundll32.exe File opened for modification C:\Program Files\Common Files\System\ado\adojavas.inc rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Yellowknife rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\ResourceInternal.zip rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\eclipse_update_120.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\ResourceInternal.zip rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\plugins.dat rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101858.BMP rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\5.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.xml_1.3.4.v201005080400.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00681_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\CST6CDT rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\modules\host.luac rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.RSA rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNoteSyncPC.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_th.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Video-48.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PAPYRUS.INF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\symbase.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.RuntimeUi.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Adjacency.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0252669.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART11.BDR rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\month.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_On.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.h rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00173_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0250504.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00555_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fil.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\oisctrl.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\logo.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143753.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR1B.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libnfs_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\README.txt rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\drag.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CONTACTS.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Scoresbysund rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_hov.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\3.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\search_background.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00211_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0196374.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\13.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-ui.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00234_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0195534.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-docked.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\favicon.ico rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ta.pak rundll32.exe File opened for modification C:\Program Files\Windows Mail\en-US\WinMail.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\ELPHRG01.WAV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART15.BDR rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Memo.emf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01176_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR3B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\Messenger.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+9 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD06102_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Roses.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_hov.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21322_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NBOOK_01.MID rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsfin.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Glace_Bay rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Palmer rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-progress-ui.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBTRAP.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00728_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR28B.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d11_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD10890_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgrain_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0293800.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Discussion14.gta rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\1.0\Microsoft.Ink.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02736G.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.HXS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\CURRENCY.HTM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR4F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Curacao rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188667.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIGNHM.POC rundll32.exe File opened for modification C:\Program Files\Common Files\System\ado\msado20.tlb rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Angles.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115841.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as90.xsl rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-environment-l1-1-0.dll rundll32.exe File opened for modification C:\Program Files\Windows Journal\Templates\Month_Calendar.jtp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101867.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01777_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7fr.kic rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME30.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsMacroTemplate.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.ssl_1.0.0.v20140827-1444.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Havana rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ENGIDX.DAT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0324704.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341499.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Horizon.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00530_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNote.gpd rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATHEDITOR_COL.HXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.HXS rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\IA2Marshal.dll rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\mng.txt rundll32.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPDMCCore.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152570.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18215_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Reykjavik rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tr.gif rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_windy.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR49F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Traditional.dotx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15034_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Vienna rundll32.exe File opened for modification C:\Program Files\JoinStop.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0298653.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\w2k_lsa_auth.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_email.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Khandyga rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-loaders.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\rjmx.jar rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\ieinstal.exe.mui rundll32.exe File opened for modification C:\Program Files\Windows Journal\Templates\Genko_1.jtp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02464_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.ssl_1.1.0.v20140827-1444.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\Whistling.wav rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Gambier rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\platform.ini rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GROOVE_F_COL.HXK rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\To_Do_List.emf rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\ACT3R.SAM rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Shanghai rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\CALENDAR.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\LogoDev.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageSmall.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\header.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02166_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107288.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Bold.otf rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861240811.profile.gz rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.DirectoryServices.AccountManagement.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FRAR\MSB1FRAR.ITS rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_mac.css rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfig.zip rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLVBS.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di_1.4.0.v20140414-1837.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_OliveGreen.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_OffMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPDESIGN.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21399_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02073_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECRECS.ICO rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\vi.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\form_edit.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00167_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00918_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\19.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\kcms.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_snow.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\TimeCard.xltx rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\scene_button_style_default_Thumbnail.bmp rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047x576black.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\gadget.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02077_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libasf_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libgain_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+6 rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ie9props.propdesc rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382939.JPG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\kinit.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmid.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105238.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21344_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Prague rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDREQ.CFG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WebToolIconImages.jpg rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libfluidsynth_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jvm.lib rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\main.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxml2.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macTSFrame.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0292020.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BlackTieResume.dotx rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviewers.gif rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\flyout.html rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\bandwidth.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18201_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Civic.thmx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jabswitch.exe rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadomd28.tlb rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\rss.gif rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\highDpiImageSwap.js rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+5 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Johannesburg rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_tr.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR6B.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libhttps_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\notConnectedStateIcon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\bdcmetadata.xsd rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_rest.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\orb.idl rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Distinctive.dotx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\INFOMAIL.CFG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Madrid rundll32.exe File opened for modification C:\Program Files\Windows Photo Viewer\PhotoBase.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105600.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LABEL.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN048.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_ja.jar rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileHighMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_basestyle.css rundll32.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE01160_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDREQS.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_setid_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIconImages.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185842.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Verve.eftx rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Monterrey rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Adelaide rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-previous-static.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Maroon.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\BOMB.WAV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ENVELOPR.DLL.IDX_DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14800_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Paris rundll32.exe File opened for modification C:\Program Files\JoinFind.mpe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD07831_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00388_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL108.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\VIBE.WAV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04108_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0386485.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\SoftBlue.jpg rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblend_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\uk.pak rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\net.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSSOAP30.DLL rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_streams.luac rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Costa_Rica rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2native.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14654_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0296277.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\mainscroll.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\GRAY.pf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC_F_COL.HXK rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBWZINT.DLL rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-background.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageMask.bmp rundll32.exe File opened for modification C:\Program Files\7-Zip\7z.sfx rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOHTMED.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01265U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0149481.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novosibirsk rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\asl-v20.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01140_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099172.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledbvbs.inc rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21427_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\REFEDIT.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRAPH_COL.HXC rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rio_Branco rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Godthab rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseover.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\InfoPathWelcomeImage.jpg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qyzylorda rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153089.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIB.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libmft_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_dot.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsrom.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_gtk.css rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cambridge_Bay rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01080_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Contacts.accdt rundll32.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnssui.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\rt3d.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\15.png rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Flash.mpp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePageStyle.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151041.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\kinit.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\MMSL.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21505_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Doc.css rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kolkata rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Caracas rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\pa-in.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01296_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javafxpackager.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR12F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0157995.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Christmas rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ho_Chi_Minh rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01060_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086432.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153093.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387882.JPG rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\WATER.ELM rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\New_York rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18207_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18237_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Lindeman rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\xmlrw.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\HxRuntime.HxS rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\18.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\20.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152722.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\rtscom.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.servlet_1.1.500.v20140318-1755.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_right.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.core_2.3.5.v201308161310.jar rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPSRVUTL.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19695_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcf.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\ended_review_or_form.gif rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ahclient.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215210.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE04050_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.DEV_COL.HXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanMergeFax.Dotx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.attributeTransformation.exsd rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceme35.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Technic.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.UK.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR9F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.xmi_2.10.1.v20140901-1043.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ERROR.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.CN.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLLIBR.DLL.IDX_DLL rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeLinguistic.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Baghdad rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.FR.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\36.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\messageboxinfo.ico rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libfingerprinter_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107258.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NavigationButtonSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\utilityfunctions.js rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d9_plugin.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mshwLatin.dll.mui rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR5B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REC.CFG rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_s.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\GrooveMUI.XML rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\GREEK.TXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\CAMERA.WAV rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\7.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Blanc-Sablon rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00265_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\highlight.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\sRGB.pf rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Internet Explorer\Timeline_is.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00163_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\17.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Luis rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECREC.CFG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WORDIRM.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01366_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107316.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SPACE_01.MID rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Managua rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\HEADER.GIF rundll32.exe File opened for modification C:\Program Files\ImportUse.vdw rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\icudt36.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Tasks.accdt rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libinflate_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_dummy_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090781.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATHEDITOR_COL.HXC rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_1.emf rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\uninstall.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00438_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090089.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-io.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nome rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.jpg rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\NETWORK.ELM rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\sk.pak rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libwave_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Essential.eftx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Sand_Paper.jpg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME19.CSS rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libnetsync_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdca_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_wasapi_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Sync Framework\v1.0\Documentation\1033\License Agreements\SynchronizationEula.rtf rundll32.exe File opened for modification C:\Program Files\Windows Mail\wab.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Composite.eftx rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcor.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14867_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\form_edit.js rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pago_Pago rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\ZoneInfoMappings rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\28.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Chatham rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_videoinset.png rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ar.txt rundll32.exe File opened for modification C:\Program Files\Windows Journal\en-US\jnwdui.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01630_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106146.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\updater.jar rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\et.txt rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_smem_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\GrooveFormsMetaData.xml rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ViewerPS.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Petersburg rundll32.exe File opened for modification C:\Program Files\Windows Defender\MpOAV.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Connectivity.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\NOTE.CFG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Tunis rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\sentinel rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00394_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\calendars.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\OutlineToolIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Waveform.xml rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ms.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SC_Reader.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01084_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN111.XML rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_rest.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-awt.xml rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_rest.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-threaddump.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR26F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Form_StatusImageMask.bmp rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\logger\libconsole_logger_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_delay_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\spacer_highlights.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\kor-kor.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_underline.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00932_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105384.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL001.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javaws.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Casual.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.analysis_3.5.0.v20120725-1805.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Port_Moresby rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-progress.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_ja.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libaiff_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back.png rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DigSig.api rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql90.xsl rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SEARCH.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\xjc.exe rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\01_googleimage.luac rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-common.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01173_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Flow.xml rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10301_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Response.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01219_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OriginReport.Dotx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipscht.xml rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_it.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01169_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241019.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.el_2.2.0.v201303151357.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATHEDITOR_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guatemala rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\Logo.png rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\MyriadCAD.otf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\LAUNCH.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00586_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsdeu.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent.png rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsound.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.SYX rundll32.exe File opened for modification C:\Program Files (x86)\Windows Defender\en-US\MpEvMsg.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01171_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\DW\DBGHELP.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\ARCTIC.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid_disable.gif rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tahiti rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.STP rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Sydney rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONENOTEIRM.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02022_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-highlight.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\4.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsDoNotTrust.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART10.BDR rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jvm.hprof.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\ContactSelector.ico rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.Selectors.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\QuestionIcon.jpg rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_bottom.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105348.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187839.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BIZFORM.DPV rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InkDiv.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\blacklist rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAME.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099204.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLNOTER.FAE rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_bottom.png rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.config rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaSansRegular.ttf rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\newgrounds.luac rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00453_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02407_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL075.XML rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\servertool.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OCT.CHM rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ust-Nera rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\HEADER.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsdl_image_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3_0.12.0.v20140227-2118.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\South_Georgia rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\PublisherMUI.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_decreaseindent.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01361_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKDEC.CFG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fy\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14997_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_floating.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Mawson rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099150.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0237228.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_01.MID rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1028\hxdsui.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\dkjson.luac rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\oc\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.ui_1.1.200.v20130626-2037.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152626.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Perspective.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGSIDEBR.DPV rundll32.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\epl-v10.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187849.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotslightoverlay.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Defender\MpOAV.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0384862.JPG rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Journal\Templates\Shorthand.jtp rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_down.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_snow.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME55.CSS rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-dialogs_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02950_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_Off.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cancun rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWORIENT.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101860.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00305_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_is.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02265_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipTsf.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.STD rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-multibyte-l1-1-0.dll rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.stdformat.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00636_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382968.JPG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-print.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0212751.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0301418.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_hail.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-12 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.events_3.0.0.draft20060413_v201105210656.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsPrintTemplate.html rundll32.exe File opened for modification C:\Program Files\ExpandFormat.vb rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\mlib_image.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\InkDiv.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR8B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0186362.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liblibmpeg2_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.services_1.2.1.v20140808-1251.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\HICCUP.WAV rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\SmallLogo.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-heapwalker.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Installed_schemas14.xss rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0297185.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BIZCARD.DPV rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOICONS.EXE rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libudp_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Iqaluit rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-14 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\background.gif rundll32.exe File opened for modification C:\Program Files\7-Zip\7zCon.sfx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341561.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL105.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\logging.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02426_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.concurrent_1.1.0.v20130327-1442.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285698.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSUPLD.INTL.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcor.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_down.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGMASTHD.DPV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OCRHC.DAT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0103850.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216612.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02067_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Tell_City rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\AST4 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh87 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Atikokan rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0280468.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN103.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstatd.exe rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libalphamask_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBHD.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.DEV_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-background.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterRegular.ttf rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Novokuznetsk rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-search.jar rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\avtransport.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01193_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN109.XML rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\NamedURLs.HxK rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00100_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_justify.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLYER11.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Assets.accdt rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tongatapu rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Track Issues.fdt rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AXSLE.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Rome rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099202.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0304371.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01954_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NEWS98.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02617_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.preferences_3.5.200.v20140224-1527.jar rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_up.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\VERSION.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\crashreporter.ini rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE01797_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR8B.GIF rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Client.dll rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins_1.1.200.v20131119-0908.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\FPWEC.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-outline.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02097_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01293_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.DE.XML rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\net.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_mid.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGACCBOX.DPV rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Regular.otf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKS.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-charts.jar rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\VIEW.JS rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ulaanbaatar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107746.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341344.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychartplugin_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.800.v20140827-1444.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XPAGE3C.DLL rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\policytool.exe rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\BUTTON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePageScript.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00261_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107492.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\servertool.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Merida rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Real.mpp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-dialogs.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\INLAUNCH.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00532_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALSO98.POC rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msolui100.rll rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw32.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WHIRL1.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Athens rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\El_Salvador rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.SharePoint.BusinessData.Administration.Client.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\White_Chocolate.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaer.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_windy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msolui100.rll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00120_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01236U.BMP rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\BOLDSTRI.ELM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01304G.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB_COL.HXC rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\adobepdf.xdc rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_thunderstorm.png rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Class.zip rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-dayi.xml rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\TURKISH.TXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\MINUS.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pkeyconfig-office.xrm-ms rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10266_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiBold.ttf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.REST.IDX_DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\DiscussionToolIconImages.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\MessageHistoryIconImages.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FINCL_02.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EquityMergeLetter.Dotx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR47F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME52.CSS rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\vocaroo.luac rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Goose_Bay rundll32.exe File opened for modification C:\Program Files\Internet Explorer\Timeline.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACEDAO.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\QUAD.ELM rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00364_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.properties rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_ja.jar rundll32.exe File opened for modification C:\Program Files\DVD Maker\rtstreamsink.ax rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OFFOWC.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099153.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309598.JPG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01843_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\Wkconv.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10263_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_down.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-left.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PULLQUOTEBB.DPV rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsesp.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18180_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libtimecode_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00602_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0234657.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLAPPT.FAE rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143745.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD09662_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182888.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadco.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaw.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_ja.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\WMPDMC.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01875_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\dnsns.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_LinkNoDrop32x32.gif rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\micaut.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_es.properties rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sa.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Graph.exe.manifest rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\1047x576black.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactLowMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195772.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0212685.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00197_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\micaut.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\RADAR.WAV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_olv.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\org-openide-filesystems_ja.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_foggy.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIconSubpictur.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR50B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\OutofSyncIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18198_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_rtp_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core_2.3.0.v20131211-1531.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285782.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Metro.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightItalic.ttf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21311_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUI.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsPreviewTemplate.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-threaddump.xml rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmirror_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GreenTea.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01058_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msjro.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_settings.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\GostTitle.XSL rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\fy.txt rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.JP.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\OOFTMPL.CFG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\mpvis.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Mail\oeimport.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0291984.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLWVW.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Bucharest rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiler.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewFrame.html rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\SIGNUP\install.ins rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NAVBARV.POC rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer_3.2.200.v20140827-1444.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Srednekolymsk rundll32.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPMediaSharing.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0296279.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\HEADINGBB.POC rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\reader\filename.luac rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\messageboxerror.ico rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\calendar.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Premium.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLRPC.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01039_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00417_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\logo.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00116_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21331_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveDrop32x32.gif rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02268_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Accessibility.api rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21316_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaom_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_over.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\dragHandle.png rundll32.exe File opened for modification C:\Program Files\Internet Explorer\pdmproxy100.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Pushpin.xml rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\zipfs.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02214_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mouseout.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayman rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa.fca rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ja_JP.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\index.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099185.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0287005.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN082.XML rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\airappinstaller.exe rundll32.exe File opened for modification C:\Program Files\Windows Journal\en-US\jnwmon.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\javaw.exe rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up_BIDI.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107484.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02270_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BORDERBB.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182898.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chatham rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SketchPadTestSchema.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04267_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01923_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Baku rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Novosibirsk rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\toc.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00428_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199727.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BZCD98SP.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONENOTE_COL.HXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15072_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107452.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0211981.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_hail.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java_crw_demo.dll rundll32.exe File opened for modification C:\Program Files\Windows Defender\en-US\MsMpRes.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yekaterinburg rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\HLS.api rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\LEVEL.ELM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\Documentation.url rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099163.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Clarity.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\Microsoft.Ink.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_win7.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\EnableEnter.php rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Mahe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Miquelon rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_right_over.gif rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuvp_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kabul rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01213K.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BZCARDHM.POC rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_buttongraphic.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkHandle.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPDMCCore.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19563_.GIF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialmainsubpicture.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libd3d11va_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\LightSpirit.css rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\connectionmanager_dmr.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\41.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21413_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libglspectrum_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Technic.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALNDR98.POC rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Maldives rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Apothecary.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0174315.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.json rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\New_Skins.url rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18224_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\telnet.luac rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh88 rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.lng rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115868.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\AUTOSHAP.DLL rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfreeze_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\30.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\APPLAUSE.WAV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui_2.3.0.v20140404-1657.jar rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\DataMatrix.pmp rundll32.exe File opened for modification C:\Program Files\Windows Media Player\wmlaunch.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACECORE.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfont.properties.ja rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_left.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03143I.JPG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmpgv_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15073_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00612_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBPQT.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\8.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_foggy.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mac.css rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\MDIParent.zip rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\9.0\helpmap.txt rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Gaza rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsMacroTemplate.html rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_h.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsftp_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00403_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00833_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcer.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_uk.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\MP00021_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB10.BDR rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL086.XML rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAMECONTROLPROXY.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\A3DUtility.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-cli.jar rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VVIEWER.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Aspect.xml rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santarem rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Uzhgorod rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\LAUNCH.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-search.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\16-on-black.gif rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\vlc16x16.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert.css rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Bucharest rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18205_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Welcome Tool\IconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Caracas rundll32.exe File opened for modification C:\Program Files\DVD Maker\sonicsptransform.ax rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\default.vlt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297725.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_specialocc_Thumbnail.bmp rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\ENUtxt.pdf rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_hail.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10268_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0221903.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ospintl.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\Wks9Pxy.cnv rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FDATE.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpuzzle_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_hevc_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239955.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL104.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jrunscript.exe rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\wsdetect.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.SE.XML rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\16-on-black.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-uihandler.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\sbdrop.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Sybase.xsl rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR41F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\MANIFEST.MF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00218_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Trek.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0292982.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.HOL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00392_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02153_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107728.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185790.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_hov.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Irkutsk rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT_COL.HXC rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down_BIDI.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\1047x576black.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\ShadesOfBlue.jpg rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cayenne rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Windows Defender\MpRTP.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153305.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB3B.BDR rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\sunmscapi.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\psfontj2d.properties rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-util.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\MeetingIcon.jpg rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_20_666666_40x40.png rundll32.exe File opened for modification C:\Program Files\Internet Explorer\networkinspection.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGAD.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_socket.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15170_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfr.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14845_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21370_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll rundll32.exe File opened for modification C:\Program Files\Internet Explorer\sqmapi.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javafx.policy rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\14.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\31.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2native.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bogota rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\OliveGreen.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21343_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Chuuk rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-sendopts.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_decreaseindent.gif rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdaprsr.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.properties rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\HEADER.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DATE.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\HEADER.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\button.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152894.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\invalid32x32.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yakutsk rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Earthy.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00242_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387895.JPG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libchorus_flanger_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Wallis rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\HEADER.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Flow.thmx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\20.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-ui.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor_1.0.300.v20131211-1531.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUI.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveDrop32x32.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187863.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\d3d11\libdirect3d11_filters_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libremap_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105388.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CERT.DPV rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Pyongyang rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME47.CSS rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_h.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\init.js rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\cursors.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01434_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01751_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PROGRAM.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EssentialReport.dotx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia rundll32.exe File opened for modification C:\Program Files\Windows NT\Accessories\WordpadFilter.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\OFFISUPP.HTM rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00449_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00222_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\nb.pak rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\RICHED20.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.VisualElementsManifest.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107042.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0237759.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\bg_sidebar.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yellowknife rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PULQOT98.POC rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\artifacts.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POST.CFG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\StatusOnline.ico rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Msgbox.accdt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02252_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WITHCOMP.XML rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIcon.png rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\jvm.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03470_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03425I.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WORDREP.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN011.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18229_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Berlin rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\London rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\tab_off.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00158_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CATWIZ.POC rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome.exe.sig rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_thunderstorm.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libwall_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs-nio2.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-attach.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02759J.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\PRODIGY.NET.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\icon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR44F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunec.jar rundll32.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.actionProvider.exsd rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Elemental.thmx rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\fontmanager.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\content-types.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Shared24x24ImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sa.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03464_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_widescreen_Thumbnail.bmp rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-4 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\gimap.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0183574.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239975.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00127_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18216_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-dock.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232393.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0295241.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\RESP98.POC rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFSigQFormalRep.pdf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\DESIGNER.ONE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Office 2.xml rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_snow.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\alt-rt.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\CreateSpaceImage.jpg rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Chita rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107722.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCHKBRD.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSGR3ES.LEX rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsptg.xml rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\meta-index rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15171_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png rundll32.exe File opened for modification C:\Program Files\Windows Mail\msoe.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0195384.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\StandardBusiness.pdf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Couture.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tabskb.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs-nio2.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15019_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187881.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msaddsr.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-border.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR36F.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msadcfr.dll.mui rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\203x8subpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287645.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0318804.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02093_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NEWS.XML rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscene_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\RSSFeeds.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\doclib.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN02559_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_04.MID rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\ModifiedTelespace.ico rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14869_.GIF rundll32.exe File opened for modification C:\Program Files\7-Zip\7z.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\avtransport.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\nio.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-desk.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\settings.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Internet Explorer\MemoryAnalyzer.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\ImagingDevices.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.BusinessData.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152878.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libinvert_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\SUBMIT.JS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187847.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALHM.POC rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\OARPMANR.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME21.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CSS7DATA0009.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXPSRV.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm.api rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21348_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EquityReport.Dotx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\INFOML.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145272.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02829J.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02263_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Angles.eftx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145810.JPG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\librawvid_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_orange.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt_0.12.100.v20140530-1436.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKDECL.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\liboldrc_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdcp_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_dot.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\7-Zip\History.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00194_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105912.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR10F.GIF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\Filters.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FAX\EquityFax.Dotx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.properties rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00231_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.MY.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS_COL.HXT rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ga.txt rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\modules\httprequests.luac rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Toronto rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libbluray-j2se-1.0.2.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Swift_Current rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\3082\MSO.ACL rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\digest.s rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\NETWORK.INF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\net.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveNoDrop32x32.gif rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_kor.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-4.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mousedown.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\WET rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\MedianResume.Dotx rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\sqloledb.rll.mui rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01354_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACCDDSUI.DLL rundll32.exe File opened for modification C:\Program Files\Internet Explorer\en-US\F12Resources.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcfr.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME17.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152436.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_up.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RSSITEMS.ICO rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Flyout_Thumbnail_Shadow.png rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadce.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmotiondetect_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_few-showers.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyDrop32x32.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01084_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02567J.JPG rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_hover.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUISet.XML rundll32.exe File opened for modification C:\Program Files\7-Zip\License.txt rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\clock.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CONTACTINFOBB.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBHOME.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OL.SAM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AccessWeb\CLNTWRAP.HTM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rio_Branco rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SlateBlue.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSLaunch.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01793_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02390_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\decora-sse.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC_COL.HXC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR18F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Adelaide rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\library.js rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\prism-d3d.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\InfoPathOMFormServicesV12\Microsoft.Office.Infopath.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kwajalein rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLAPPTR.FAE rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\am.pak rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00117_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00177_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Newsprint.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL_COL.HXC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\SBCGLOBAL.NET.XML rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Monterrey rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-string-l1-1-0.dll rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\omni.ja rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Currie rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ca.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_choosefont.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-util-enumerations.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232171.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL089.XML rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaenum.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IEAWSDC.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309902.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RSSITEML.ICO rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\cpu.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105378.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152708.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\METCONV.TXT rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15275_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115836.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sk\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\HEADING.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGLINACC.XML rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_vi.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\40.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\BLENDS.INF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_h.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\UnformattedNumeric.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-nodes.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TaxonomyControl.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInAcrobat.gif rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\license.html rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\vi.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0157831.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_GreenTea.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0215086.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LETTHEAD.DPV rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ca.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7en.kic rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099171.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0278702.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\OutofSyncIconImages.jpg rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Miquelon rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105250.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL002.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONENOTE_F_COL.HXK rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\zh-TW.pak rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libstereo_widen_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_down.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\COUPLER.WAV rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Sydney rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\mlib_image.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FAX\OriginFax.Dotx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDownArrow.jpg rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\23.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.BR.XML rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\SETUP.XML rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\fa.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387604.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00453_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00006_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Efate rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Pontianak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\ADD.GIF rundll32.exe File opened for modification C:\Program Files\Internet Explorer\F12Tools.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1042\hxdsui.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\DataServices\FOLDER.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.bidi_0.10.0.v20130327-1442.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\settings.css rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\jquery-ui-1.8.13.custom.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-annotations-common.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00255_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_OliveGreen.gif rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_bezel.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-lib-uihandler.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Generic.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SHOW_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00402_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUB6INTL.DLL.IDX_DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\SETUP.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsPrintTemplate.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199423.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WCOMP98.POC rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\FlickLearningWizard.exe.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\about.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CUPINST.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\WPFT632.CNV rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\1047x576black.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18206_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSYUBIN7.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwruksh.dat rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR21F.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\gadget.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring.xml rundll32.exe File opened for modification C:\Program Files\Internet Explorer\DiagnosticsHub.DataWarehouse.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00004_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\msmdlocal.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\MedianLetter.Dotx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state_1.0.1.v20140709-1414.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PEOPLEDATAHANDLER.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00057_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099195.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.VN.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\file_obj.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04332_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\APIFile_8.ico rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR43B.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)alertIcon.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\43.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-1 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN02724_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00792_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_down.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0235241.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\servertool.exe rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\sunec.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libgoom_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00160_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00152_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00267_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mazatlan rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluHandle.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\org.eclipse.rcp_root_4.4.0.v20141007-2301 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\ffjcext.zip rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Aqtobe rundll32.exe File opened for modification C:\Program Files\Internet Explorer\images\bing.ico rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00526_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00057_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\TOOLICON.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-modules-appui.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0240189.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ant-javafx.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18210_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hong_Kong rundll32.exe File opened for modification C:\Program Files\Windows Media Player\wmprph.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Oriel.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7ES.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\1.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10265_.GIF rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_m.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSO0127.ACL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293570.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\nacl_irt_x86_64.nexe rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_rainy.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_rest.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactHigh.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\PASSWORD.JPG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\eclipse.inf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02141_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107266.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01044_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-back-static.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightRegular.ttf rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_Off.png rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\hi.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\AIR98.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\ACT3.SAM rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Garden.htm rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18253_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterBold.ttf rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_CA.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02124_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.DEV.HXS rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\ktab.exe rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_s.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_ja.jar rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Oriel.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01221K.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01575_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SLINTL.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115863.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Niue rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Samara rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBCONV.DLL rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\drag.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01852_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OnLineBusy.ico rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0332268.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IMCONTACT.DLL rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libt140_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Faroe rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\SettingsInternal.zip rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152568.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB2A.BDR rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL065.XML rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\vistabg.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15169_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libvisual_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1253.TXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107658.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00809_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libglwin32_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\tab_on.gif rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\logo.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099183.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105246.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\EMAILMOD.POC rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_docked.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Athens rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\license.html rundll32.exe File opened for modification C:\Program Files\Internet Explorer\iexplore.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01039_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105504.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_thunderstorm.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL rundll32.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnssci.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\LoanAmortization.xltx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\README.TXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\EXITEML.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OUTGOING.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\HEADER.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_m.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\WSS\107.accdt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Issues.accdt rundll32.exe File opened for modification C:\Program Files\Windows Journal\en-US\Journal.exe.mui rundll32.exe File opened for modification C:\Program Files\Common Files\System\ado\msadomd28.tlb rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\VSTAProjectUI.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\management\management.properties rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\it.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02298_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00049_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00489_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libwingdi_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21423_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-progress-ui.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectToolsetIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US.txt rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Winamac rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-explorer.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWSTRUCT.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Manuscript.dotx rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\librv32_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)greenStateIcon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0315580.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00438_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqloledb.rll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\QUAD.INF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\es-419.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\MessageBoxIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BloodPressureTracker.xltx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\colorcycle.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21329_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VVIEWER.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\keytool.exe rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\jdwp.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14801_.GIF rundll32.exe File opened for modification C:\Program Files\Internet Explorer\en-US\DiagnosticsTap.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CENTEURO.TXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CERT.XML rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\nl.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_right_over.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\DELETE.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\weblink.api rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad.xml rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-14 rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\drag.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107446.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03451_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.DEV_COL.HXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.DEV.HXS rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\eventlog_provider.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Ushuaia rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Budapest rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-queries.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02282_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\APPTS.ICO rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Center rundll32.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextService.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00435_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7EN.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-templates.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\ERROR.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00799_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MAPISHELLR.DLL rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\keystore\libfile_keystore_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcs.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14656_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14828_.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_jpn.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_disabled.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssv.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\STOCKS.DAT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Angles.thmx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jhat.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+2 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0386120.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRdIF.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnPPT.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\STSLISTI.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR46F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182946.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdadc.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\resources.pak rundll32.exe File opened for modification C:\Program Files\ResumeUnlock.wma rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00170_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\ISO690Nmerical.XSL rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\2.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_HK.properties rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Premium.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02040U.BMP rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as80.xsl rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR9B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15023_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\msolui100.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Hand Prints.htm rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\form_edit.js rundll32.exe File opened for modification C:\Program Files\7-Zip\7-zip.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLACCT.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02158_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341653.JPG rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\de.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00177_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_ok.gif rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\GRAY.pf rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tashkent rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\attention.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00454_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground_PAL.wmv rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libripple_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115865.GIF rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0102984.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Equity.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\HST rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\core_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285822.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00256_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\SETUP.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\calendar.js rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libkate_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Paramaribo rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.hsp rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_glass.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_right.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14516_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BZCARD11.POC rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\GIGGLE.WAV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\nio.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SIGNS.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15168_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_left_over.gif rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OLKFSTUB.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceYi.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02208U.BMP rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePage.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\glass.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR4B.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\liblive555_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRINTL32.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTORE_F_COL.HXK rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javah.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-api.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.properties rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\gadget.xml rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\is\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hiring Requisition.fdt rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\DisabledGoogleUpdate.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04117_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_thunderstorm.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\203x8subpicture.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_ja.jar rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\va.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01747_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libaddonsvorepository_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18220_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-7 rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\localizedStrings.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\DBGHELP.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239951.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0386270.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00641_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\gu.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_alignright.gif rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_over.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-search.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\eclipse.inf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LTHDHM.POC rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_settings.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_down.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_right.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Wordconv.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Dotted_Lines.emf rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\com.jrockit.mc.console.ui.notification_contexts.xml rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\soundcloud.luac rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Thule rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-core-kit.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105506.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387591.JPG rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\management.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\StatusAway.ico rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\32.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.xml rundll32.exe File opened for modification C:\Program Files\Windows Defender\MpClient.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0234687.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\PICTIM32.FLT rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msdaprsr.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\CsiSoap.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_left_over.gif rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-api.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsColorChart.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0212953.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0240695.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BAN98.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXPTOOWS.DLL rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\GlobeButtonImageMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099162.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EAWFINTL.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\UmOutlookStrings.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pl.dll rundll32.exe File opened for modification C:\Program Files\DenyUninstall.rm rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Beige.css rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR5F.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00693_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02439_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Stucco.gif rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdaprsr.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_m.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\Analysis\PROCDB.XLAM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\VCTRN_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\EXPLODE.WAV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\tools.jar rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_VideoInset.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Fortaleza rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-api-caching.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\classes.jsa rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00171_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0202045.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01785_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liboggspots_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\THROAT.WAV rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Jamaica rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Main.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01191_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105588.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pt-PT.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CLASSIC1.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcs.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Edmonton rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7FR.dub rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\11.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_snow.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR2B.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0290548.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jsadebugd.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\policytool.exe rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pe.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00116_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD08773_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01180_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198234.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_pressed.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\WhiteboxMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-5 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Puerto_Rico rundll32.exe File opened for modification C:\Program Files\TestUpdate.MTS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02743G.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN010.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBHW6.CHM rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\DiagnosticsTap.dll.mui rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\sr-spl.txt rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.jpg rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libcdda_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\Synchronization.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\activity16v.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmc.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15022_.GIF rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\nb.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Essential.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SNIPE.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLADD.FAE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\AdjacencyMergeLetter.dotx rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left_disable.gif rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Help\msitss55.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01216_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185776.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ashgabat rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10358_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libvdummy_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\RSSFeeds.js rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\wlsrvc.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195320.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mshwLatin.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-highlight.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\BREEZE.WAV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONENOTE_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\xmlrwbin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1041\hxdsui.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\COPYRIGHT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01659_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341742.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPQUOT.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME04.CSS rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libreal_plugin.dll rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\d3dcompiler_47.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0075478.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02441_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Music.emf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00687_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\JUDGESCH.HTM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21336_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi_3.10.1.v20140909-1633.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Tucuman rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\CoolType.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DVA.api rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\weather.js rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Thimphu rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0286034.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENVELOPE.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\PNG32.FLT rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_orange.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee90.tlb rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_orange.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_dot.png rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\sw.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00238_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE06450_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Slipstream.xml rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureB.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-9 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid_over.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15061_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSGR3FR.LEX rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\unpack.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\SIST02.XSL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15155_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Media Player\WMPNSSUI.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\default.jfc rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\sv.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\OliveGreen.css rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\setup_wm.exe rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_bkg.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\AXIS.ELM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\InactiveTabImage.jpg rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cayman rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ko.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00090_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\vlm_export.html rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsmb_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\UTC rundll32.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\msolap100.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\kcms.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_bn.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\11.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_settings.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm_cmd.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dhaka rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zaporozhye rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIDEBARBB.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL_COL.HXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\OOFS.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21375_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Darwin rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Waitcursor.gif rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\1033\FPEXT.MSG rundll32.exe File opened for modification C:\Program Files\Windows Mail\wabfind.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00178_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1AR.LEX rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FAX\MedianFax.Dotx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.CRT rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\viewSelectionChanged.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00090_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\5.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\vignettemask25.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR42F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107528.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01123_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02270_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01292_.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FBIBLIO.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Macau rundll32.exe File opened for modification C:\Program Files\Windows Media Player\WMPDMC.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BillingStatement.xltx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExpenseReport.xltx rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\info.png rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\es.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MYSL.ICO rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground.wmv rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\URBAN_01.MID rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.jpg rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_left.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\HEADER.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-2 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Lindeman rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewAttachmentIconsMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01291_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239935.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.core_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\nn.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7ES.LEX rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\VVIEWRES.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\trash.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME48.CSS rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\11.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTAREA.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14710_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine_2.3.0.v20140506-1720.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-6 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageMask.bmp rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\gadget.xml rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME28.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21307_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\sidebar.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153273.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GIFT.DPV rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\handsafe.reg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188587.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME18.CSS rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Extensions\external_extensions.json rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Regina rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-options-keymap.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04206_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PNCTUATE.POC rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha2.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18243_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl-hot.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.registry_3.5.400.v20140428-1507.jar rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpshare.exe rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_sent.gif rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02793_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcer.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DiscussionToolIconImages.jpg rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm.xml rundll32.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceqp35.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00096_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099166.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02388_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_SlateBlue.gif rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\HST10 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielMergeLetter.Dotx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME54.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OFFLINE.ICO rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_top.png rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AUTHZAX.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01172_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\hxdsui.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC_COL.HXT rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Data1.cab rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\settings.html rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\zh-cn.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLMIME.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Opulent.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.TH.XML rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libclone_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Khandyga rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\Dynamic.pdf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSProxy.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\12.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-settings.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Country.css rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWRECC.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105710.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02752G.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.PNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400001.PNG rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\2.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Oslo rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\softokn3.dll rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ms.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00440_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182689.JPG rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Boise rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Gibraltar rundll32.exe File opened for modification C:\Program Files\DVD Maker\audiodepthconverter.ax rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00411_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\PROFILE.ELM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_02.MID rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\03_lastfm.luac rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\AdobePDF417.pmp rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Blanc-Sablon rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Singapore rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\send-email-16.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02074U.BMP rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_down.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB01741L.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309480.JPG rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Soft Blue.htm rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Folders\1033\MSOSVINT.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME42.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01748_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN081.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psmachine_64.dll rundll32.exe File opened for modification C:\Program Files\Internet Explorer\jsprofilerui.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152698.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232795.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01298_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Premium.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui_4.0.100.v20140401-0608.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\mix.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341448.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02384_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00330_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21324_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04191_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153087.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGMGPUOptIn.ini rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ACCSBAR.POC rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_videoinset.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\SpaceSelector.ico rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_center.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293236.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\HandPrints.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsMacroTemplate.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\masterix.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2ssv.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libtwolame_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bg\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01141_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN096.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwruklm.dat rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_snow.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libanaglyph_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Krasnoyarsk rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Makassar rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ug.txt rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\zh-tw.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01562U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15173_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.IDX rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\about.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Casual.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host-remote.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Slipstream.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21328_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18204_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kosrae rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_win.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB02229_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STORYVERTBB.POC rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\Client.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\license.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MLCFG32.CPL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\METCONV.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR40F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench_1.1.0.v20140512-1820.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153299.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02470U.BMP rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services_1.1.0.v20140328-1925.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Noumea rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-dialogs.xml rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.hyp rundll32.exe File opened for modification C:\Program Files\Internet Explorer\jsdebuggeride.dll rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\sk.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107254.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\EXITEM.CFG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\AD.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.htm rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\drag.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Auckland rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPrintTemplateRTL.html rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_h.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_de_DE.jar rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)alertIcon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185828.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-static.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thule rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200273.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NAVBRPH2.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15132_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_CopyDrop32x32.gif rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Author2String.XSL rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\index.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-core.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152716.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_over.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR39F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-tabcontrol.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLPH.DLL rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\gadget.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-execution.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1665.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7ge.kic rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\ED00010_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_QuickLaunch.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_ko.properties rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\localizedSettings.css rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Stockholm rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\larrow.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01239K.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00795_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14578_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_realrtsp_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_foggy.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Petersburg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\background.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01838_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_ja.properties rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_right.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Omsk rundll32.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlcese35.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19582_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LABEL.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151073.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00289_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_increaseindent.gif rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.xml rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\SLATE.ELM rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_left.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Sort\AUTHOR.XSL rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ru.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPICCAP.XML rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\QRCode.pmp rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_120.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEWDAT.DLL rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Tijuana rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid.gif rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\he\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-queries.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Services\verisign.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPIRM.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWCUTLIN.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Executive.eftx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Metlakatla rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Executive.xml rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libsapi_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_rainy.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Winnipeg rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Simferopol rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-oql.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VVIEWDWG.DLL rundll32.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\PhotoAcq.dll.mui rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx26410b_plugin.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18257_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Eucla rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\SAVE.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02071_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02126_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02267_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroSign.prc rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.SF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\cue.luac rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Kaliningrad rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099145.JPG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\fontconfig.bfc rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\SPRING.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR20F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\boot_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-awt_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\tnameserv.exe rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome_elf.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Samarkand rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Lagos rundll32.exe File opened for modification C:\Program Files\Internet Explorer\F12.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\rollinghills.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Modern.dotx rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\form_responses.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\HEADER.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ur.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\JOURNAL.ELM rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_up.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_down.png rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\af.txt rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcf.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Rarotonga rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00483_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jawt.h rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UCT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\macroprogress.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SHAREPOINTPROVIDER.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0212601.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02578_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Lord_Howe rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEINTL.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\swiftshader\libGLESv2.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7tk.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086420.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02092_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\MedianReport.Dotx rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Chihuahua rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178639.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0294991.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03731_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse_1.1.200.v20140414-0825.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Equity.eftx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN102.XML rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CATALOG.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Groove.gif rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CORPCHAR.TXT rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\networkinspection.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr\profile.jfc rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+7 rundll32.exe File opened for modification C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152890.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome.dll.sig rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\IPOLKINTL.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-BoldIt.otf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WSSFilesToolIconImages.jpg rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_dot.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PTXT9.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\AdobeID.pdf rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\SPACER.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ICELAND.TXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01242_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285820.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\gadget.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Abidjan rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00272_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0212661.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.attach_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR48B.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Paramaribo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099170.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297757.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01368_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BANNER.DPV rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\bg.txt rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\visualvm.conf rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\license.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Amman rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\background.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Solstice.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSSOAPR3.DLL rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\full.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx265_plugin.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\notes-static.png rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfoInternal.zip rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dialog.zip rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CERT98SP.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OIS_COL.HXT rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\unpack200.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\LEVEL.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\tab_on.gif rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bahia rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00018_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0299587.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRINTL32.REST.IDX_DLL rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kuching rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00426_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MET rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPDMC.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicHandle.png rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdate.cer rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ps_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSPST32.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215718.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.CNT rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tokyo rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\main.css rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zh_TW\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Cordoba rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00957_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0292248.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01069_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0233312.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\vi\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsBrowserUpgrade.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MAPIR.DLL rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\t2k.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pkeyconfig.companion.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR23F.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\38.png rundll32.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Sybase.xsl rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libftp_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Document.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285360.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIGN.XML rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Bears.htm rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_docked.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\alert_obj.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099201.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187921.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\server\Xusage.txt rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Asuncion rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21320_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\settings.css rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll rundll32.exe File opened for modification C:\Program Files\Common Files\System\wab32.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\icon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\OUTLVBA.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21309_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\BUTTON.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-favorites.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding_1.6.200.v20140528-1422.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBCN6.CHM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-startup.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Knox rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00199_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msdaremr.dll.mui rundll32.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02074_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-modules.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151055.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OIS_COL.HXC rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\RELEASE-NOTES.html rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClient.dll rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\oledb32r.dll.mui rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBLR6.CHM rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.exe.sig rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7es.kic rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0233992.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_VideoInset.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0233070.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Sts2.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.descriptorProvider.exsd rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jdwp.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OISGRAPH.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21323_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21338_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Easter rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-It.otf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\OMSSMS.CFG rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\16.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Groove.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105414.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0175361.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02503U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00200_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_ring_docked.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\LightSpirit.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287644.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome.exe rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115867.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\dumpmeta.luac rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_sun.png rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR38F.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\about.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Monticello rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME33.CSS rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Cape_Verde rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tunis rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsColorChart.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert.css rundll32.exe File opened for modification C:\Program Files\7-Zip\7zG.exe rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\npt.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcer.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\localedata.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref.wmv rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground.wmv rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libdummy_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Los_Angeles rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BANNER.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BlackTieLetter.dotx rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\javacpl.exe rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.Design.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dubai rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0216858.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBBTN.XML rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\security\cacerts rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-dock.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00416_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\logsession.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_hover.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE.MANIFEST rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SCNPST32.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XIMAGE3B.DLL rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\uninstall.log rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR37F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\gradient.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105234.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\alertIcon.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Casablanca rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ml.pak rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\xul.dll.sig rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GRAPH.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00012_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME38.CSS rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_s.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpenc.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCDDS.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\EDGE.ELM rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\plugin2\msvcr100.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME44.CSS rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\config.ini rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONTAB32.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02742U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\HEADINGBB.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATHEDITOR.HXS rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\drag.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105292.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_few-showers.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21519_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.logging_1.1.1.v201101211721.jar rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado20.tlb rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_h.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_few-showers.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Status Report.fdt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AUDIOSEARCHMAIN.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Aspect.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151067.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_cs.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-lib-uihandler.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ndjamena rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\pop3.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\MANIFEST.MF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\libEGL.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiBold.ttf rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Knox rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Salta rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Peacock.htm rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME24.CSS rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_thunderstorm.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-io.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00095_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GREET11.POC rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadce.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.identity_3.4.0.v20140827-1444.jar rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome_200_percent.pak rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libidummy_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-views.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099200.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297759.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Eula.exe rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0160590.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14795_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02198_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.access rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-snaptracer.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00670_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.GIF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\720x480icongraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18236_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\LICENSE rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl-hot.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.annotation_1.2.0.v201401042248.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\TIME.XML rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\47.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Andorra rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-output2.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02227_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGTOC.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfontj2d.properties rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libflaschen_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\library.js rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178459.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0183174.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SecStoreFile.ico rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectStatusIcons.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XLCPRTID.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107500.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-2.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Damascus rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\WSSFilesToolHomePageBackground.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_REVIEW.XSN rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSDecWrp.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\en-GB.pak rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application-views.xml rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\weather.html rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Audio-48.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107024.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152430.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\1047x576black.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME20.CSS rundll32.exe File opened for modification C:\Program Files\NewRename.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OCRVC.DAT rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_down.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.contexts_1.3.100.v20140407-1019.jar rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\symbol.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Hierarchy.xsl rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Adjacency.xml rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\London rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\license.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_rtl.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-application-views.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-tabcontrol.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Executive.thmx rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Bold.otf rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-docked.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPSLAX.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00837_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Syowa rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Rangoon rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-uisupport.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Essential.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200611.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382957.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_te.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14583_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04269_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02886_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\DELIMR.FAE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14580_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Casey rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Maroon.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_06.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Office Classic.xml rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_lg.gif rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\GMT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21435_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jmx.jar rundll32.exe File opened for modification C:\Program Files\Windows Portable Devices\sqmapi.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00152_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\sqlite.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\1036\MSGR3FR.DLL rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Metlakatla rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Slipstream.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENV98.POC rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\VBE7.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDisableDownArrow.jpg rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\RMNSQUE.INF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\DEEPBLUE.ELM rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ENGDIC.DAT rundll32.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceoledb35.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\LICENSE rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_dot.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\CIEXYZ.pf rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\sl.pak rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Belize rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ExtExport.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD08758_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196110.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\settings.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-views.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21330_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0283209.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0297749.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\adcjavas.inc rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\2052\hxdsui.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl.css rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02201_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.commands_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\PYCC.pf rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libheadphone_channel_mixer_plugin.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18234_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libwav_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_right.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\slideShow.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00011_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0315612.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL_F_COL.HXK rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SendMail.api rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SCNPST64.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Belem rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18223_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Araguaina rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7MODELS0009.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152608.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\icon.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-nodes_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00183_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ProjectStatusReport.potx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB_COL.HXT rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmic.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18218_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EAST_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101864.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153516.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02453_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer.bat rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME29.CSS rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00008_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\NL.ROGERS.COM.XML rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libsid_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SMIMES.CFG rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\settings.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsPrintTemplate.html rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPNSSUI.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0098497.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185796.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\USP10.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jaas_nt.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099175.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105380.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Csi.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\10.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\buttons.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Cocos rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287642.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02466U.BMP rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\icon.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_m.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_uparrow.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\msvcr100.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Taipei rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.exe rundll32.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmlaunch.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0217872.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00208_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InputPersonalization.exe.mui rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01065_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\eBook.api rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_it.jar rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_down.png rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Net.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABON.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB5A.BDR rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEODBCI.DLL rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-highlight.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-foreground.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01770_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART13.BDR rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14532_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\22.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21332_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18252_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libvc1_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196060.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02287_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MOR6INT.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrenalm.dat rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\license.html rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_record_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository_1.1.300.v20131211-1531.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\redStateIcon.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\SETUP.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-print.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382960.JPG rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Orange Circles.htm rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\icudtl.dat rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_down.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\setting_back.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Elegant.dotx rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\3.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\PST8PDT rundll32.exe File opened for modification C:\Program Files\Windows Defender\MpCommu.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL01395_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00217_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Oriel.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\DumontDUrville rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14866_.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10O.CHM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CONTACT.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPIRMV.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239965.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0313974.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN020.XML rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\library.js rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151581.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\menu_style_default_Thumbnail.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\whitemenu.png rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia.api rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14868_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vilnius rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper.registry_1.0.300.v20130327-1442.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javaws.policy rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\MSClientDataMgr\MSCDM.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\38.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152560.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0237336.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BORDERBB.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15021_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-3 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0300912.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\1 Right.accdt rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain.wmv rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\MCIMPP.mpp rundll32.exe File opened for modification C:\Program Files\Windows NT\Accessories\en-US\wordpad.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00233_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Mazatlan rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookicon.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MAPISHELL.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE01661_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACERECR.DLL rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_up.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382926.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02025_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_xml.luac rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861258748.profile.gz rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\indxicon.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00042_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\redmenu.png rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.Design.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.smil_1.0.0.v200806040011.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02738U.BMP rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\platform.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Hierarchy.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107150.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0148798.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01744_.GIF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\chapters-static.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7FR.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\PROOF\MSWDS_EN.LEX rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18194_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9 rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jayapura rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\CT_ROOTS.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipskor.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR47B.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.jasper.glassfish_2.2.2.v201205150955.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tongatapu rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\icon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LABELHM.POC rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\FM20.CHM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Accra rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Bissau rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOCFUIUTILITIESDLL.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00935_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_highlights_Thumbnail.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Origin.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0216724.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_h.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15301_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightRegular.ttf rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Apia rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\lgpllibs.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02356_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanResume.Dotx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSORES.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00732_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdaps.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\15x15dot.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubsdec_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099191.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105526.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145669.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0313970.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SlateBlue.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\BLANK.ONE rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADVCMP.DIC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLMACRO.CHM rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_Off.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcroppadd_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\MUSIC_01.MID rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\updater_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\play-static.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfxrt.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21503_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libvpx_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\PUSH.WAV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OMSINTL.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_over.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Copenhagen rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00221_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Graph.emf rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll rundll32.exe File opened for modification C:\Program Files\FindTrace.vstm rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\defaults\pref\channel-prefs.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01166_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105298.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\icudt26l.dat rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB6.BDR rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE rundll32.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DataListIconImages.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdasc.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\localizedStrings.js rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\sr.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.DEV.HXS rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\WPGIMP32.FLT rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_fr.properties rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\ij.bat rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Bougainville rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_222222_256x240.png rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\mng2.txt rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\WATER.INF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\MSB1FREN.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyclient.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME45.CSS rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101856.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Technic.xml rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penkor.dll rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_ja.jar rundll32.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_notes.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SUBMIT.JS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00234_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0240291.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\orbd.exe rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielReport.Dotx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME26.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14565_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-applemenu.jar rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_joined.gif rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\44.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR38F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105240.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WNTER_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART9.BDR rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdater.cer rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21342_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsdp_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di_1.0.0.v20140328-2112.jar rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\handsafe.reg rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_floating.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145373.JPG rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\pushplaysubpicture.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-charts.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OIS.HXS rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\Content.xml rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\GoldRing.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-over-DOT.png rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\application.ini rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01148_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01332U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GIFT98.POC rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\localedata.jar rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\LogoCanary.png rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\mr.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCICONS.EXE rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guadalcanal rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\HEADER.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\23.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Juneau rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\ROAD_01.MID rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\THEMES.INF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdatt.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\xmlrwbin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.fca rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099167.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0228959.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ACCTBOX.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02749U.BMP rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME-JAVAFX.txt rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down_BIDI.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EssentialMergeLetter.dotx rundll32.exe File opened for modification C:\Program Files\Common Files\System\ado\msado15.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_bg.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_zh_CN.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_On.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\STRTEDGE.ELM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\LASER.WAV rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\hi.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02088_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00910_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01006_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_dot.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Module.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0217302.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\dnsns.jar rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\Words.pdf rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libinteger_mixer_plugin.dll rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-hang-ui.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SegoeChess.ttf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7ES.LEX rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15274_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-api.jar rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CROATIAN.TXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Aspect.eftx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector_1.0.200.v20131115-1210.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Whitehorse rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.rst rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1257.TXT rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsita.xml rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Roses.htm rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG.wmv rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\liberase_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00656_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libmpg123_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_imem_plugin.dll rundll32.exe File opened for modification C:\Program Files\UseOpen.otf rundll32.exe File opened for modification C:\Program Files\Windows Defender\MpEvMsg.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.Xml.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00260_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_down.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Buenos_Aires rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcfr.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-8 rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)grayStateIcon.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Montreal rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_increaseindent.gif rundll32.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_48.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\info.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR30B.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libshm_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\README.html rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Help\ITIRCL55.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\MMSS.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21295_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Civic.eftx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESPS.ICO rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Dot.png rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Routing.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\default_apps\youtube.crx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01618_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\RECOVR32.CNV rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\bg.pak rundll32.exe File opened for modification C:\Program Files\Java\jre7\README.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01253_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh87 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EMABLT32.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\slideshow_glass_frame.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-8 rundll32.exe File opened for modification C:\Program Files\Internet Explorer\jsdbgui.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00235_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql70.xsl rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Phone.accft rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR2F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansRegular.ttf rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Rothera rundll32.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPSideShowGadget.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0278882.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\New_Salem rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04195_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Horizon.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\npjp2.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-actions.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\bin\deploy.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21366_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kamchatka rundll32.exe File opened for modification C:\Program Files\ConfirmExport.jtx rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\clock.html rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Samarkand rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OSETUP.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.security rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\SETUP.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Mail\wabimp.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00164_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD07804_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.DEV_F_COL.HXK rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+7 rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_up.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0216516.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATHEDITOR_F_COL.HXK rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.DEV_COL.HXC rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\icon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Computers\computericon.jpg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400004.PNG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Equity.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Civic.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore_2.10.1.v20140901-1043.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Glace_Bay rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_VelvetRose.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14513_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Start End Dates.accft rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bishkek rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dts_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-charts.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\en-US\sbdrop.dll.mui rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\kk.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7FR.LEX rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR43F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0313896.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.DEV_COL.HXC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18227_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_transcode_plugin.dll rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationTypes.dll rundll32.exe File opened for modification C:\Program Files\Windows Defender\MpCmdRun.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSClient.Msg.dll rundll32.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HTECH_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.DEV_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-oql.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FINCL_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02417_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MENU98.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Invite or Link.one rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\misc.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OFFREL.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_right.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\launcher.win32.win32.x86_64.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188513.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsfra.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\9.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-font.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+2 rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\baseAltGr_rtl.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\BriefcaseIcon.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsFormTemplateRTL.html rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledbjvs.inc rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PIXEL.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RESENDL.ICO rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\currency.js rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue.css rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\UserControl.zip rundll32.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.bmp rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\System.AddIn.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_On.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\gadget.xml rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdatl3.dll rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\adcjavas.inc rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00373_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kathmandu rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.JS rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)redStateIcon.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-filesystems.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FORM.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormToolImages.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ielowutil.exe rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_settings.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Maceio rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\license.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00262_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02269_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqloledb.rll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libsepia_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-attach.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00202_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_iw.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14693_.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmicrodns_plugin.dll rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ro.txt rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Shades of Blue.htm rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_up.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montreal rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\orbd.exe rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Rarotonga rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+8 rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ta.txt rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Hx.HxC rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\CANYON.ELM rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPDMC.exe.mui rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MUOPTIN.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base_4.0.200.v20141007-2301.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01239_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DISTLSTS.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00780L.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\mosaic_window.html rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Juan rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\gu.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02280_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\selection_subpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\AddToViewArrow.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Black Tie.xml rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZX______.PFB rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\kinit.exe rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Luxembourg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OEMPRINT.CAT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02075_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382927.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanPhotoAlbum.potx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macHandle.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pitcairn rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEWBY.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfo.zip rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0213449.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WHIRL2.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Office Classic 2.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGTEAR.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107302.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18241_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.ja_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861240389.profile.gz rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\IPM.CFG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_pitch_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-io_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Notebook.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115835.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator_2.0.0.v20131217-1203.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02115_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187851.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0240175.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0183168.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxwebkit.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mousedown.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\calendar.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02097_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPOLK.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD06200_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341439.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143750.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\SUBMIT.JS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\VelvetRose.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.Runtime.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01560_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21325_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-dialogs.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Grand_Turk rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099146.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUB6INTL.REST.IDX_DLL rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdaremr.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKACCL.ICO rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Porto_Velho rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH00780U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\PAWPRINT.HTM rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.MOF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdrawable_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_ja.jar rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\mozavcodec.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02746U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC.HXS rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\30.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MCPS.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.DEV.HXS rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\Alphabet.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01470_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143748.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libskiptags_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadco.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libprojectm_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guatemala rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\utilityfunctions.js rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.htm rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libvnc_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\pt-PT.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00720_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME32.CSS rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\custom.lua rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host-views.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\java.exe rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\DvdTransform.fx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115844.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler_1.2.0.v20140422-1847.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00911_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\sbdrop.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\npvlc.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107090.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152628.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jdb.exe rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Acrofx32.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql2000.xsl rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_08.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Concourse.xml rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Lisbon rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ho_Chi_Minh rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\imap.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01161_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\notConnectedStateIcon.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\keytool.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\EmbeddedView.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00405_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4.ssl_1.0.0.v20140827-1444.jar rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\pl.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02757U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02437_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Atikokan rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18254_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdxva2_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Damascus rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kuala_Lumpur rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0294989.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR35F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewAttachmentIconsMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\tab_off.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_bullets.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN01165_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jvisualvm.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR6F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-spi-actions.xml rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\es\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Sofia rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mauritius rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\blafdoc.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19827_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveLetter.dotx rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_selectionsubpicture.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\picturePuzzle.html rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\navBack.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Mail\wabmig.exe rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\fur.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285462.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02791_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0183328.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK_COL.HXT rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPOlive.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00898_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_bottom.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)greenStateIcon.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\epl-v10.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\SUBMIT.JS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02755U.BMP rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\ICE.ELM rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR29B.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_Buttongraphic.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\LICLUA.EXE rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00273_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00557_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\POSTCD11.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Blog.dotx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ENES\MSB1ENES.ITS rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvm.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\HEADER.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-explorer.xml rundll32.exe File opened for modification C:\Program Files\Windows Media Player\wmpnetwk.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\ACWZMAIN.ACCDE rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-explorer.xml rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ar.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-annotations-common.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00686_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\TALK21.COM.XML rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msxactps.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14528_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Adak rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\split.avi rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bogota rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-attach.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21340_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FORM.JS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0301480.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\JSByteCodeWin.bin rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Class.zip rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0230558.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome_pwa_launcher.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Grand_Turk rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-startup.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0292272.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00476_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\ACWZDAT12.ACCDU rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-12 rundll32.exe File opened for modification C:\Program Files\Internet Explorer\IEShims.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_SlateBlue.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\MANIFEST.MF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145879.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309585.JPG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\GMT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_mid_over.gif rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\33.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CYRILLIC.TXT rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ENVELOPE.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107744.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199307.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_Buttongraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\tab_off.gif rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+12 rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe.config rundll32.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceAmharic.txt rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-horizontal.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\02_frenchtv.luac rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.zh_CN_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287018.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Marengo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnWD.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XLICONS.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107458.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216874.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0318448.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.p2.ui.overridden_5.5.0.165303.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\license.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Hardcover.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\msmgdsrv.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CHECKBOX.JPG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher_1.3.0.v20140911-0143.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00555_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0252349.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_2.emf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDisableUpArrow.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_cloudy.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSGR3EN.LEX rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\skchui.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-iio.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR44B.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\ODeploy.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\instrument.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239079.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Foundry.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN105.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\MSTAG.TLB rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ReviewRouting_Init.xsn rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\GreenBubbles.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21364_.GIF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot_lrg.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ktab.exe rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libgme_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Adobe.css rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\extensions\VLSub.luac rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libvmem_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_description_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.css.sac_1.3.1.v200903091627.jar rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\setup.swf rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_few-showers.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME35.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\PABR.SAM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tallinn rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qatar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00668_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Casablanca rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\el.pak rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VeriSign_Class_3_Code_Signing_2001-4_CA.cer rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Perspective.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MENU.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\SUMIPNTG.ELM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\deployJava1.dll rundll32.exe File opened for modification C:\Program Files\Common Files\System\MSMAPI\1033\MSMAPI32.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-compat.jar rundll32.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\logs\maintenanceservice-install.log rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSAutogen.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0174639.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado28.tlb rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\resources.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Broken_Hill rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\RECALL.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00414_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr\default.jfc rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SLERROR.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+1 rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10297_.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_down.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ERROR.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\icon.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00790_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\15.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02431_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00172_.WMF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Half.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Sofia rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200383.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateOnDemand.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10R.CHM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tijuana rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.DEV_F_COL.HXK rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\status.json rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03795_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\ShadesOfBlue.jpg rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\epl-v10.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-awt.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02412K.JPG rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-over-select.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_left.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_ja.jar rundll32.exe File opened for modification C:\Program Files\Windows Journal\NBDoc.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOCFU.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01759_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Users.accdt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0228823.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR49F.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\gadget.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\ALARM.WAV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18247_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Moscow rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-applemenu.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_mid.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADVTEL.DIC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200183.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241781.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGAD.DPV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\boot_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Dublin rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ar.pak rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\ViewHeaderPreview.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Oblique.otf rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_dot.png rundll32.exe File opened for modification C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\Microsoft.Synchronization.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\Xusage.txt rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin_2.0.100.v20131209-2144.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04369_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\INDST_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LTHD98.POC rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\corner.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\gfserrorfromgroove.ico rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\26.png rundll32.exe File opened for modification C:\Program Files\HideRedo.mpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216600.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGNAVBAR.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-windows.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0212957.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME11.CSS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21400_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Tabs.accdt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00943_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.MX.XML rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-down.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309904.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD_COL.HXC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME08.CSS rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\PROFILE.INF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18238_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00527_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.IN.XML rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BlackRectangle.bmp rundll32.exe File opened for modification C:\Program Files (x86)\Google\Temp\GUM2396.tmp\GoogleUpdateSetup.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Premium.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\header.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00306_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\daisies.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN001.XML rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.UNT rundll32.exe File opened for modification C:\Program Files\7-Zip\7zFM.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7en.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_it.properties rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Baku rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Eirunepe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01772_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152622.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACWIZRC.DLL rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Abidjan rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\ECLIPSE.INF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\HEADER.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7FR.LEX rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FiveRules.potx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrcommonlm.dat rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\activity16v.png rundll32.exe File opened for modification C:\Program Files\Windows Journal\Journal.exe rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\uninstall\shortcuts_log.ini rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspatializer_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.service.exsd rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSTORES.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0238333.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR5B.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Brussels rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\delete.avi rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\default-browser-agent.exe rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\logo.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03459_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01750_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base.nl_zh_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\access-bridge-64.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Regina rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsBlankPage.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-visual.xml rundll32.exe File opened for modification C:\Program Files (x86)\Windows Defender\MsMpLics.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\DADSHIRT.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_Undocked.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199755.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\WHOOSH.WAV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLV.DOC rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PAPERS.INI rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_On.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\WidescreenPresentation.potx rundll32.exe File opened for modification C:\Program Files\Common Files\System\ado\msadox.dll rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_id.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Madeira rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01183_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00806_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02753U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\EMAIL.XML rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bangkok rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_decreaseindent.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART7.BDR rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\STSLIST.CHM rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdate.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_flyout.png rundll32.exe File opened for modification C:\Program Files\Windows NT\TableTextService\en-US\TableTextService.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152884.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198712.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CONTACTINFOBB.DPV rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\RMNSQUE.ELM rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\cpu.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WINWORD.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382944.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTORE_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEEXCH.DLL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tarawa rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\babypink.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\http.luac rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Puerto_Rico rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\SETUP.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\localizedSettings.css rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Magadan rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\drag.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00361_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Portal\1033\PortalConnect.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\correct.avi rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\MANIFEST.MF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\br.gif rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MST rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows NT\Accessories\WordpadFilter.dll rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_plain_Thumbnail.bmp rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\BriefcaseIconMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145168.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21434_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BRCHUR11.POC rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_es.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10219_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Comments.accdt rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ast.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105530.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00784_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01237_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Country.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactHighMask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR14F.GIF rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_up.png rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\oskpredbase.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_alignleft.gif rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.Adapter.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyrun.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-remote.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLN.XLS rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXP_PDF.DLL rundll32.exe File opened for modification C:\Program Files\Common Files\System\ado\en-US\msader15.dll.mui rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libstats_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185798.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02386_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0149887.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MSTHED98.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormToolImages.jpg rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG_PAL.wmv rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libgl_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hovd rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsplk.xml rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\info.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_Undocked.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Kerguelen rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-charts.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01168_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\distribute_form.gif rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\picturePuzzle.js rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jar.exe rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Algiers rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileOffMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\jhall-2.0_05.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ko_KR.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Swift_Current rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00256_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1036\MSO.ACL rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tpcps.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-delete.avi rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libexport_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01063_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\idlj.exe rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.JPG rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.en\Proof.XML rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\zh-CN.pak rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvm.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\about.html rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00270_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR46F.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\spacebackupiconsmask.bmp rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21421_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Chagos rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WITHCOMP.DPV rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkObj.dll.mui rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-next-static.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\gadget.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0304853.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00330_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\La_Paz rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Nairobi rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.THD rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Waveform.thmx rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.JP.XML rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Cave_Drawings.gif rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\LightBlueRectangle.PNG rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\hprof-16.png rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\zdingbat.txt rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaps.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\navBack.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Catamarca rundll32.exe File opened for modification C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\resources\1033\Synchronization.rll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rainy_River rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ADD.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02169_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00212_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\1033\EEINTL.DLL rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromaprint_plugin.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\ea.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105306.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382967.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00034_.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libcompressor_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\7.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GreenTea.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FORM.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341551.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CHECKER.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\PINELUMB.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\NPSWF32.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\offset_window.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\dsn.jar rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\crashreporter-override.ini rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL106.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\2 Right.accdt rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Belgrade rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\COMBOBOX.JPG rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_dot.png rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_rest.png rundll32.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198494.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR8F.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.json rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-windows.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Black Tie.thmx rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Creston rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00513_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Denver rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Cocos rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7EN.LEX rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\PREVIEW.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR50F.GIF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mai\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215709.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL095.XML rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Khartoum rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152600.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLYER.DPV rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libntservice_plugin.dll rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-locale-l1-1-0.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0301076.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanReport.Dotx rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\THMBNAIL.PNG rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libcaca_plugin.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\liblogger_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Premium.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0237225.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.HXS rundll32.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\MDIParent.zip rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_hail.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.BusinessData.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBARBLL.DPV rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL111.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FAX\UrbanFax.Dotx rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_ja.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SAEXT.DLL rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdate.exe rundll32.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di.extensions_0.12.0.v20140417-2033.jar rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\README.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\ISO690.XSL rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02054_.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsnld.xml rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.sig rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jce.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Formal.dotx rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_partly-cloudy.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSQRY32.EXE rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01734_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0216588.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msdaprsr.dll.mui rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_dot.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_config_window.html rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\cacerts rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00382_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00735_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_down.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REPORTS.ICO rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00260_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC_K_COL.HXK rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Monet.jpg rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\bl.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSClientManifest.man rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00455_.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_right.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-loaders.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382958.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02522_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRAPH_F_COL.HXK rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0301052.WMF rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_extractor\libarchive_plugin.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64_3.103.1.v20140903-1947.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199805.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\System\ado\msader15.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\TAB_OFF.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-api.xml rundll32.exe File opened for modification C:\Program Files (x86)\Internet Explorer\iexplore.exe rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\RECYCLE.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_dot.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR32F.GIF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding_1.4.2.v20140729-1044.jar rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Prague rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00052_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178460.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02051_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Default.dotx rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\grayStateIcon.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.registry_1.1.300.v20130402-1529.jar rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\AUTHORS.txt rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MET rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libtransform_plugin.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\gadget.xml rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\COMPASS.INF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_SelectionSubpicture.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_ja_4.4.0.v20140623020002.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\SectionHeading.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLYERHM.POC rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\drag.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\jaccess.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\msjet.xsl rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14530_.GIF rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cuiaba rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7MDT rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\System\wab32.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00200_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CG1606.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\WIND.WAV rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Havana rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-uisupport.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0156537.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsdt.dll rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107342.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prcr.x3d rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-down.png rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-previous-static.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\koreus.luac rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Apia rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CSS7DATA000C.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0390072.JPG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00253_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SMIMEE.CFG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_Earthy.gif rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\background.gif rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\booklist.gif rundll32.exe File opened for modification C:\Program Files\Windows Defender\MsMpLics.dll rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\drag.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090777.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\weather.html rundll32.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Engine.dll rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\equalizer_window.html rundll32.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\ShapeCollector.exe.mui rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop.wmv rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jli.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04134_.WMF rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\classfile_constants.h rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg_orange.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14844_.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Students.accdt rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-oql.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\eclipse.inf rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench_3.106.1.v20140827-1737.jar rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.properties rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01074_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OMSINTL.DLL.IDX_DLL rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\logo.png rundll32.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\13.png rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Guam rundll32.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\swiftshader\libEGL.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarToolIconImagesMask.bmp rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-spi-quicksearch.xml rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\az.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGATNGET.XML rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_s.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libadjust_plugin.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\MSB1FREN.ITS rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\Analysis\ATPVBAEN.XLAM rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_zh_CN.jar rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\ba.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0304405.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02291U.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SETLANG.HXS rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\gadget.xml rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh89 rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\uk\LC_MESSAGES\vlc.mo rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PS9CRNRH.POC rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7FR.LEX rundll32.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_nl.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\MessageAttachmentIconImages.jpg rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR3F.GIF rundll32.exe File opened for modification C:\Program Files\Internet Explorer\Timeline.cpu.xml rundll32.exe File opened for modification C:\Program Files\7-Zip\Lang\nl.txt rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Foundry.thmx rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_ButtonGraphic.png rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01590_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter.png rundll32.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-api-caching.xml rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099182.WMF rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_rgb6.wmv rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REPORT.CFG rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarToolIconImages.jpg rundll32.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\scrapbook.png rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libtextst_plugin.dll rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\slideshow_glass_frame.png rundll32.exe File opened for modification C:\Program Files\Windows Media Player\mpvis.DLL rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00241_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBREF.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7ES.LEX rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01015_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178348.JPG rundll32.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jakarta rundll32.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\weather.css rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\JNGLE_01.MID rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03241_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR8F.GIF rundll32.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-container.exe.vhd rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00276_.WMF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101862.BMP rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.AR.XML rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199429.WMF rundll32.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\tipresx.dll.mui rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\TAB_ON.GIF rundll32.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Wordcnvr.dll rundll32.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD09031_.WMF rundll32.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\rtscom.dll.mui rundll32.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libposterize_plugin.dll rundll32.exe -
Modifies extensions of user files 4 IoCs
Ransomware generally changes the extension on encrypted files.
description ioc Process File renamed C:\Users\Admin\Pictures\RegisterRedo.crw => C:\Users\Admin\Pictures\RegisterRedo.crw.vhd rundll32.exe File renamed C:\Users\Admin\Pictures\RestoreOut.raw => C:\Users\Admin\Pictures\RestoreOut.raw.vhd rundll32.exe File renamed C:\Users\Admin\Pictures\ExpandRedo.crw => C:\Users\Admin\Pictures\ExpandRedo.crw.vhd rundll32.exe File renamed C:\Users\Admin\Pictures\ReadSend.tif => C:\Users\Admin\Pictures\ReadSend.tif.vhd rundll32.exe -
Drops desktop.ini file(s) 1 IoCs
description ioc Process File opened for modification C:\Program Files\Microsoft Office\Office14\1033\DataServices\DESKTOP.INI rundll32.exe -
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of WriteProcessMemory 87 IoCs
description pid Process procid_target PID 892 wrote to memory of 1132 892 rundll32.exe 24 PID 892 wrote to memory of 1132 892 rundll32.exe 24 PID 892 wrote to memory of 1132 892 rundll32.exe 24 PID 892 wrote to memory of 1132 892 rundll32.exe 24 PID 892 wrote to memory of 1132 892 rundll32.exe 24 PID 892 wrote to memory of 1132 892 rundll32.exe 24 PID 892 wrote to memory of 1132 892 rundll32.exe 24 PID 1132 wrote to memory of 316 1132 rundll32.exe 25 PID 1132 wrote to memory of 316 1132 rundll32.exe 25 PID 1132 wrote to memory of 316 1132 rundll32.exe 25 PID 1132 wrote to memory of 316 1132 rundll32.exe 25 PID 1132 wrote to memory of 1424 1132 rundll32.exe 26 PID 1132 wrote to memory of 1424 1132 rundll32.exe 26 PID 1132 wrote to memory of 1424 1132 rundll32.exe 26 PID 1132 wrote to memory of 1424 1132 rundll32.exe 26 PID 1132 wrote to memory of 1508 1132 rundll32.exe 28 PID 1132 wrote to memory of 1508 1132 rundll32.exe 28 PID 1132 wrote to memory of 1508 1132 rundll32.exe 28 PID 1132 wrote to memory of 1508 1132 rundll32.exe 28 PID 1132 wrote to memory of 112 1132 rundll32.exe 30 PID 1132 wrote to memory of 112 1132 rundll32.exe 30 PID 1132 wrote to memory of 112 1132 rundll32.exe 30 PID 1132 wrote to memory of 112 1132 rundll32.exe 30 PID 1132 wrote to memory of 1608 1132 rundll32.exe 31 PID 1132 wrote to memory of 1608 1132 rundll32.exe 31 PID 1132 wrote to memory of 1608 1132 rundll32.exe 31 PID 1132 wrote to memory of 1608 1132 rundll32.exe 31 PID 1132 wrote to memory of 680 1132 rundll32.exe 34 PID 1132 wrote to memory of 680 1132 rundll32.exe 34 PID 1132 wrote to memory of 680 1132 rundll32.exe 34 PID 1132 wrote to memory of 680 1132 rundll32.exe 34 PID 1132 wrote to memory of 1064 1132 rundll32.exe 36 PID 1132 wrote to memory of 1064 1132 rundll32.exe 36 PID 1132 wrote to memory of 1064 1132 rundll32.exe 36 PID 1132 wrote to memory of 1064 1132 rundll32.exe 36 PID 1132 wrote to memory of 1512 1132 rundll32.exe 38 PID 1132 wrote to memory of 1512 1132 rundll32.exe 38 PID 1132 wrote to memory of 1512 1132 rundll32.exe 38 PID 1132 wrote to memory of 1512 1132 rundll32.exe 38 PID 1132 wrote to memory of 1812 1132 rundll32.exe 40 PID 1132 wrote to memory of 1812 1132 rundll32.exe 40 PID 1132 wrote to memory of 1812 1132 rundll32.exe 40 PID 1132 wrote to memory of 1812 1132 rundll32.exe 40 PID 1132 wrote to memory of 1844 1132 rundll32.exe 42 PID 1132 wrote to memory of 1844 1132 rundll32.exe 42 PID 1132 wrote to memory of 1844 1132 rundll32.exe 42 PID 1132 wrote to memory of 1844 1132 rundll32.exe 42 PID 1132 wrote to memory of 1328 1132 rundll32.exe 44 PID 1132 wrote to memory of 1328 1132 rundll32.exe 44 PID 1132 wrote to memory of 1328 1132 rundll32.exe 44 PID 1132 wrote to memory of 1328 1132 rundll32.exe 44 PID 1132 wrote to memory of 1768 1132 rundll32.exe 46 PID 1132 wrote to memory of 1768 1132 rundll32.exe 46 PID 1132 wrote to memory of 1768 1132 rundll32.exe 46 PID 1132 wrote to memory of 1768 1132 rundll32.exe 46 PID 1132 wrote to memory of 1740 1132 rundll32.exe 48 PID 1132 wrote to memory of 1740 1132 rundll32.exe 48 PID 1132 wrote to memory of 1740 1132 rundll32.exe 48 PID 1132 wrote to memory of 1740 1132 rundll32.exe 48 PID 1132 wrote to memory of 1568 1132 rundll32.exe 50 PID 1132 wrote to memory of 1568 1132 rundll32.exe 50 PID 1132 wrote to memory of 1568 1132 rundll32.exe 50 PID 1132 wrote to memory of 1568 1132 rundll32.exe 50 PID 1132 wrote to memory of 1636 1132 rundll32.exe 51 PID 1132 wrote to memory of 1636 1132 rundll32.exe 51 PID 1132 wrote to memory of 1636 1132 rundll32.exe 51 PID 1132 wrote to memory of 1636 1132 rundll32.exe 51 PID 1132 wrote to memory of 1552 1132 rundll32.exe 52 PID 1132 wrote to memory of 1552 1132 rundll32.exe 52 PID 1132 wrote to memory of 1552 1132 rundll32.exe 52 PID 1132 wrote to memory of 1552 1132 rundll32.exe 52 PID 1132 wrote to memory of 1896 1132 rundll32.exe 56 PID 1132 wrote to memory of 1896 1132 rundll32.exe 56 PID 1132 wrote to memory of 1896 1132 rundll32.exe 56 PID 1132 wrote to memory of 1896 1132 rundll32.exe 56 PID 1132 wrote to memory of 1996 1132 rundll32.exe 58 PID 1132 wrote to memory of 1996 1132 rundll32.exe 58 PID 1132 wrote to memory of 1996 1132 rundll32.exe 58 PID 1132 wrote to memory of 1996 1132 rundll32.exe 58 PID 1132 wrote to memory of 1960 1132 rundll32.exe 60 PID 1132 wrote to memory of 1960 1132 rundll32.exe 60 PID 1132 wrote to memory of 1960 1132 rundll32.exe 60 PID 1132 wrote to memory of 1960 1132 rundll32.exe 60 PID 1132 wrote to memory of 2020 1132 rundll32.exe 61 PID 1132 wrote to memory of 2020 1132 rundll32.exe 61 PID 1132 wrote to memory of 2020 1132 rundll32.exe 61 PID 1132 wrote to memory of 2020 1132 rundll32.exe 61 -
Launches sc.exe
Sc.exe is a Windows utlilty to control services on the system.
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\6D12547772B57A6DA2B25D2188451983.bin.dll,#11⤵
- Suspicious use of WriteProcessMemory
PID:892 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\6D12547772B57A6DA2B25D2188451983.bin.dll,#12⤵
- Drops file in Program Files directory
- Modifies extensions of user files
- Drops desktop.ini file(s)
- Suspicious use of WriteProcessMemory
PID:1132 -
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange Active Directory Toplogy"3⤵PID:316
-
-
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange Anti-spam Update"3⤵PID:1424
-
-
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange Compliance Audit"3⤵PID:1508
-
-
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange Compliance Service"3⤵PID:112
-
-
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange DAG Management"3⤵PID:1608
-
-
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange Diagnostics"3⤵PID:680
-
-
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange EdgeSync"3⤵PID:1064
-
-
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange Frontend Transport"3⤵PID:1512
-
-
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange Health Manager"3⤵PID:1812
-
-
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange Health Manager Recovery"3⤵PID:1844
-
-
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange IMAP4"3⤵PID:1328
-
-
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange IMAP4 Backend"3⤵PID:1768
-
-
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange Information Store"3⤵PID:1740
-
-
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange Mailbox Assistants"3⤵PID:1568
-
-
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange Mailbox Replication"3⤵PID:1636
-
-
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange Mailbox Transport Delivery"3⤵PID:1552
-
-
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange POP3"3⤵PID:1896
-
-
C:\Windows\SysWOW64\sc.exesc stop "Microsoft Exchange POP3 Backend"3⤵PID:1996
-
-
C:\Windows\SysWOW64\sc.exesc stop "SQL Server Agent (TESTINSTANCE)"3⤵PID:1960
-
-
C:\Windows\SysWOW64\sc.exesc stop "SQL Server (TESTINSTANCE)"3⤵PID:2020
-
-