Analysis
-
max time kernel
175s -
max time network
173s -
platform
windows7_x64 -
resource
win7v200722 -
submitted
08-09-2020 13:53
Static task
static1
Behavioral task
behavioral1
Sample
f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe
Resource
win7v200722
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe
Resource
win10
windows10_x64
0 signatures
0 seconds
General
-
Target
f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe
-
Size
211KB
-
MD5
b805db8f6a84475ef76b795b0d1ed6ae
-
SHA1
7711cb4873e58b7adcf2a2b047b090e78d10c75b
-
SHA256
f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf
-
SHA512
62a2c329b43d186c4c602c5f63efc8d2657aa956f21184334263e4f6d0204d7c31f86bda6e85e65e3b99b891c1630d805b70997731c174f6081ecc367ccf9416
Score
10/10
Malware Config
Signatures
-
InfinityLock Ransomware
Also known as InfinityCrypt. Based on the open-source HiddenTear ransomware.
-
Modifies extensions of user files 13 IoCs
Ransomware generally changes the extension on encrypted files.
description ioc Process File opened for modification C:\Users\Admin\Pictures\RenameStart.tif.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Users\Admin\Pictures\SetClear.tiff.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Users\Admin\Pictures\WaitCopy.crw.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Users\Admin\Pictures\WatchClear.tif.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Users\Admin\Pictures\ReadInitialize.tiff.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Users\Admin\Pictures\BlockCompress.tiff.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Users\Admin\Pictures\BlockWatch.raw.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Users\Admin\Pictures\FormatPush.tif.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Users\Admin\Pictures\GroupMount.png.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Users\Admin\Pictures\InitializeImport.png.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Users\Admin\Pictures\SaveComplete.tiff.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Users\Admin\Pictures\SendConvertTo.raw.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Users\Admin\Pictures\AddUndo.png.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe -
Drops file in Program Files directory 335 IoCs
description ioc Process File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Hx.HxT.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\msinfo32.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OWSHLP10.CHM.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Visualizer.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Installer\setup.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\en-GB.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\es.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\pt-BR.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\MEIPreload\preloaded_data.pb.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\airappinstaller.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.DLL.IDX_DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateOnDemand.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\84.0.4147.89.manifest.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\chrome_100_percent.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\nl.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\te.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\vi.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PPSLAX.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\STSUPLD.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\VBE6EXT.OLB.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\STSCOPY.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\EmptyDatabase.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\VSTAClientPkgUI.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdater.cer.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Bears.htm.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\EmptyDatabase.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\RICHED20.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\elevation_service.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\pt-PT.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\msjet.xsl.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.Tools.Applications.Project.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\TextFile.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1049\hxdsui.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\2052\hxdsui.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msmdlocal.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Informix.xsl.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\ResourceInternal.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\msdatasrc.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ko.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\nb.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\th.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\84.0.4147.89\84.0.4147.89_chrome_installer.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\XmlFile.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Csi.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\bg.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\zh-CN.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateComRegisterShell64.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1041\hxdsui.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOInstallerUI.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\nacl_irt_x86_64.nexe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\fr.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\sentinel.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\de.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AssemblyInfoInternal.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SplashScreen.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.mshtml.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPSRVUTL.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\chrome_200_percent.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Extensions\external_extensions.json.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\20200722114921.pma.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Class.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Portal\1033\PortalConnect.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\LogoBeta.png.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Hx.HxC.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\master_preferences.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\default_apps\external_extensions.json.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\fi.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\he.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.Adapter.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\notification_helper.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msolui100.rll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Interface.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1031\hxdsui.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSO.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\Wkconv.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Thawte Root Certificate.cer.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.Office.Tools.v9.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.config.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\el.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ro.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\sk.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql90.xsl.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\hxdsui.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee90.tlb.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\chrome.dll.sig.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql2000.xsl.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\INLAUNCH.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOHEV.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\DataSet.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\PublicAssemblies\extensibility.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\d3dcompiler_47.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\swiftshader\libEGL.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.sig.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAMEEXT.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OLKFSTUB.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSLaunch.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Resource.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_extended.xml.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\CsiSoap.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\chrome.exe.sig.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\id.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Update\DisabledGoogleUpdate.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dataset.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\VSTAProjectUI.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\libEGL.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\cs.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ms.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VVIEWER.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\libGLESv2.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\fa.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\lv.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\mr.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msmgdsrv.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSUCRES.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Text.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1028\hxdsui.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\VSTARemotingServer.tlb.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IEAWSDC.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Microsoft.VisualStudio.Tools.Applications.DesignTime.tlb.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe.config.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\icudtl.dat.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\uk.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\SmallLogoCanary.png.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msolui100.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe Root Certificate.cer.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfo.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1046\hxdsui.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\v8_context_snapshot.bin.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\am.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ja.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\sv.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Microsoft.VisualStudio.Tools.Applications.Blueprints.tlb.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPWEC.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ca.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\en-US.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Module.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Windows Defender\MpAsDesc.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\default_apps\gmail.crx.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\es-419.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\sl.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfoInternal.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\LoginForm.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\chrome.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\default_apps\youtube.crx.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\sw.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\LogoCanary.png.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNoteSyncPC.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\stdole.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\resources.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ru.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as90.xsl.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\UserControl.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\sbdrop.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Form.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\default_apps\docs.crx.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\lt.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AppConfigurationInternal.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SettingsInternal.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Windows Mail\msoe.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeAUM_rootCert.cer.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\HxRuntime.HxS.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Portal\PortalConnectCore.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\System\DirectDB.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\kn.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\pl.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\BHOINTL.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OCLTINT.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Class.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.swf.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\default_apps\drive.crx.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ta.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\WidevineCdm\manifest.json.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Windows Media Player\mpvis.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\CodeFile.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\chrome_pwa_launcher.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\gu.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msolap100.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfig.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Keywords.HxK.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\ActionsPane3.xsd.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\da.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as80.xsl.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfigInternal.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dialog.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1042\hxdsui.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\LogoDev.png.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Temp\GUMCD5C.tmp\GoogleUpdateSetup.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdate.cer.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\hi.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\swiftshader\libGLESv2.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Form.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSORES.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\ReadMe.htm.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Update\Install\{24604DAC-26A2-4023-B42D-9AEA602FC027}\84.0.4147.89_chrome_installer.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextService.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\VSTARemotingServer.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\AddIns.store.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\MDIParent.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdaterInstallMgr.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\digest.s.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.REST.IDX_DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Installer\chrome.7z.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\fil.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ml.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.AddInManager.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_client.xml.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome.VisualElementsManifest.xml.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\NPSWF32.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\sr.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\VSTAProject.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\setup.swf.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Services\verisign.bmp.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ar.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\MEIPreload\manifest.json.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSUPLD.INTL.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\SettingsInternal.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\updater.ini.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\WebKit.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1040\hxdsui.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\Logo.png.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAMECONTROLPROXY.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONLNTCOMLIB.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\VVIEWRES.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AUTHZAX.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\ResourceInternal.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.stdformat.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\9.0\helpmap.txt.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\InkDiv.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOMessageProvider.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\MDIParent.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\UserControl.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\logs\maintenanceservice-install.log.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\bn.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateSetup.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OWSSUPP.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\VBAOWS10.CHM.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\3082\hxdsui.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\PipelineSegments.store.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\20200722114609.pma.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateBroker.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOHTMED.EXE.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAME.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VVIEWDWG.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MAPISHELLR.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\WidevineCdm\LICENSE.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdate.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateHelper.msi.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\adodb.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft.Office.InfoPath.targets.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Installer\chrmstp.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\hr.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Internet Explorer\D3DCompiler_47.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\oisctrl.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AboutBox.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Settings.zip.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee100.tlb.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\chrome_elf.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\et.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql70.xsl.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\System.AddIn.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\VSTAClientPkg.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\DAO\dao360.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\NamedURLs.HxK.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\eventlog_provider.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\zh-TW.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\SmallLogo.png.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msmdsrv.rll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\hu.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\SmallLogoBeta.png.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\SmallLogoDev.png.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateCore.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Sybase.xsl.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.msi.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1033\hxdsui.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\it.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\tr.pak.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll.60CCFDD3B1ABD63A8B3B6C64204443533CD36C1438710CBA3AC084DC36093D39 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe -
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 608 f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe"C:\Users\Admin\AppData\Local\Temp\f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf.exe"1⤵
- Modifies extensions of user files
- Drops file in Program Files directory
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:608