Analysis
-
max time kernel
151s -
max time network
84s -
platform
windows7_x64 -
resource
win7 -
submitted
22/09/2020, 17:31
Static task
static1
Behavioral task
behavioral1
Sample
pewpew_p.bin.exe
Resource
win7
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
pewpew_p.bin.exe
Resource
win10v200722
windows10_x64
0 signatures
0 seconds
General
-
Target
pewpew_p.bin.exe
-
Size
1.0MB
-
MD5
202bf9be9a4e45526e482f08104717ad
-
SHA1
1e5bbfb9167150935c6eb25bbbebbe5c77a97aa2
-
SHA256
7282df1360af4c028930ffd9fbc30ea9d17f08f14b725f8020677dd9df961c55
-
SHA512
89db20536030f28af5997d4b93e90ead0ccd7299d6777d422159a0a41b658274743a390fed1a9f942b668f4f04afd1119e7b4a41356b10ea37393c8b5e05f5ea
Score
10/10
Malware Config
Extracted
Path
C:\info-decrypt.txt
Ransom Note
All your files have been encrypted !
( All your files have been encrypted with AES256 + RSA2048 Algorithm due to a security problem with your PC )
- If you want to restore them, write us to the e-mail : [email protected]
- Write this ID in the title of your message : F86B013E
- If you do not receive a response within 12 hours, send a message to this email : [email protected]
( You have to pay for decryption in Bitcoins )
- The price depends on how fast you write to us.
- After payment we will send you the decryption tool that will decrypt all your files.
( Free decryption as guarantee )
- Before paying you can send us up to 1 file for free decryption.
- The total size of files must be less than 1Mb (non archived), and files should not contain valuable information. (databases,backups, large excel sheets, etc.)
( How to obtain Bitcoins )
- The easiest way to buy bitcoins is LocalBitcoins site. You have to register, click 'Buy bitcoins', and select the seller by payment method and price.
- https://localbitcoins.com/buy_bitcoins
- Also you can find other places to buy Bitcoins and beginners guide here:
- http://www.coindesk.com/information/how-can-i-buy-bitcoins/
- [ pewpew TEAM ]
Signatures
-
Deletes shadow copies 2 TTPs
Ransomware often targets backup files to inhibit system recovery.
-
Modifies Windows Firewall 1 TTPs
-
Drops startup file 2 IoCs
description ioc Process File created C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\info-decrypt.hta pewpew_p.bin.exe -
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops desktop.ini file(s) 87 IoCs
description ioc Process File created C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\TGVUK4BG\desktop.ini pewpew_p.bin.exe File created C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V8SX06NR\desktop.ini pewpew_p.bin.exe File created C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini pewpew_p.bin.exe File created C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Desktop.ini pewpew_p.bin.exe File created C:\Program Files\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini pewpew_p.bin.exe File created C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\desktop.ini pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini pewpew_p.bin.exe File created C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\desktop.ini pewpew_p.bin.exe File created C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Desktop.ini pewpew_p.bin.exe File created C:\Users\Public\Documents\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\AJM03J3Y\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Roaming\Microsoft\Windows\SendTo\Desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\Downloads\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\Saved Games\desktop.ini pewpew_p.bin.exe File created C:\Users\Public\Videos\desktop.ini pewpew_p.bin.exe File created C:\Users\Public\Pictures\Sample Pictures\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GVV7BJHB\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\Videos\desktop.ini pewpew_p.bin.exe File created C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Desktop.ini pewpew_p.bin.exe File created C:\Users\Public\Pictures\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\Contacts\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\Documents\desktop.ini pewpew_p.bin.exe File created C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Desktop.ini pewpew_p.bin.exe File created C:\Users\Public\Music\Sample Music\desktop.ini pewpew_p.bin.exe File created C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\ZMLBLRQ7\desktop.ini pewpew_p.bin.exe File created C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\Searches\desktop.ini pewpew_p.bin.exe File created C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\desktop.ini pewpew_p.bin.exe File created C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Desktop.ini pewpew_p.bin.exe File created C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OLSU73OI\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Local\Microsoft\Windows Mail\Stationery\Desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\desktop.ini pewpew_p.bin.exe File created C:\Users\Public\Videos\Sample Videos\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\Links\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Local\Microsoft\Windows\History\desktop.ini pewpew_p.bin.exe File created C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Desktop.ini pewpew_p.bin.exe File created C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Libraries\desktop.ini pewpew_p.bin.exe File created C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\Desktop\desktop.ini pewpew_p.bin.exe File created C:\Users\Public\Music\desktop.ini pewpew_p.bin.exe File created C:\Users\Public\Recorded TV\Sample Media\desktop.ini pewpew_p.bin.exe File created C:\Users\Public\Downloads\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\RBDIK06K\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools\desktop.ini pewpew_p.bin.exe File created C:\Users\All Users\Microsoft\Windows\Ringtones\desktop.ini pewpew_p.bin.exe File created C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini pewpew_p.bin.exe File created C:\Users\Public\Libraries\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Local\Microsoft\Windows\History\History.IE5\desktop.ini pewpew_p.bin.exe File created C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini pewpew_p.bin.exe File created C:\ProgramData\Microsoft\Windows\Ringtones\desktop.ini pewpew_p.bin.exe File created C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini pewpew_p.bin.exe File created C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Desktop.ini pewpew_p.bin.exe File created C:\Users\All Users\Microsoft\Windows\Start Menu\desktop.ini pewpew_p.bin.exe File created C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Desktop.ini pewpew_p.bin.exe File created C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini pewpew_p.bin.exe File created C:\Users\Public\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1MJ70CPH\desktop.ini pewpew_p.bin.exe File created C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\Favorites\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\Favorites\Links for United States\desktop.ini pewpew_p.bin.exe File created C:\Users\Public\Recorded TV\desktop.ini pewpew_p.bin.exe File created C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Desktop.ini pewpew_p.bin.exe File created C:\Users\Public\Desktop\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Local\Microsoft\Windows\Burn\Burn\desktop.ini pewpew_p.bin.exe File created C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini pewpew_p.bin.exe File created C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\desktop.ini pewpew_p.bin.exe File created C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini pewpew_p.bin.exe File created C:\Program Files (x86)\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\Favorites\Links\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\Music\desktop.ini pewpew_p.bin.exe File created C:\Users\Admin\Pictures\desktop.ini pewpew_p.bin.exe -
Looks up external IP address via web service 1 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.
flow ioc 7 ip-api.com -
Modifies service 2 TTPs 15 IoCs
description ioc Process Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\LocalConfig netsh.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\napagent\LocalConfig\Enroll\HcsGroups netsh.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\napagent\LocalConfig\UI netsh.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\LocalConfig netsh.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Qecs netsh.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\napagent\LocalConfig\UI netsh.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\VSS\Diag\ASR Writer vssvc.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Shas netsh.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Qecs netsh.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\VSS\Diag\COM+ REGDB Writer vssvc.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\napagent\LocalConfig\Enroll\HcsGroups netsh.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\VSS\Diag\Registry Writer vssvc.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\VSS\Diag\Shadow Copy Optimization Writer vssvc.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Shas netsh.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5} vssvc.exe -
Suspicious use of NtSetInformationThreadHideFromDebugger 15 IoCs
pid Process 240 pewpew_p.bin.exe 240 pewpew_p.bin.exe 240 pewpew_p.bin.exe 240 pewpew_p.bin.exe 240 pewpew_p.bin.exe 240 pewpew_p.bin.exe 240 pewpew_p.bin.exe 240 pewpew_p.bin.exe 240 pewpew_p.bin.exe 240 pewpew_p.bin.exe 240 pewpew_p.bin.exe 240 pewpew_p.bin.exe 240 pewpew_p.bin.exe 240 pewpew_p.bin.exe 240 pewpew_p.bin.exe -
Drops file in Program Files directory 2049 IoCs
description ioc Process File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\default_apps\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Runtime.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUI.XML pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MUOPTIN.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files\OutExport.potx pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\skchobj.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\oledb32r.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\mainscroll.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\Wkconv.exe pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ca.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VVIEWDWG.DLL pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_notes-txt-background.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACERCLR.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psmachine.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIcon.png pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\ReachFramework.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Visualizer.zip pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047_576black.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGMGPUOptIn.ini pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\eqnedt32.exe.manifest pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\3082\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\PowerPointMUI.XML pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\msdaosp.dll pewpew_p.bin.exe File opened for modification C:\Program Files\ConvertFromRestore.docx pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\3difr.x3d pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1031\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\background.png pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\micaut.dll.mui pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\ShadesOfBlue.jpg pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\fi.pak pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\vistabg.png pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\rt3d.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt04.hsp pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_VideoInset.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\en-US\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\PushRemove.crw pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main.xml pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.htm pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeLinguistic.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Dotted_Lines.emf pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_lt.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.ths pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Full\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Resource.zip pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_ButtonGraphic.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSLaunch.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Oblique.otf pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa.fca pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\msdaprst.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\IEShims.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\bn.pak pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\id.pak pewpew_p.bin.exe File created C:\Program Files\desktop.ini pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\Dynamic.pdf pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Soft Blue.htm pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\SettingsInternal.zip pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIB.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hwrcommonlm.dat pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\Install\{5DF2DCA9-BD54-4513-9B32-2C551D72B961}\83.0.4103.106_chrome_installer.exe pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dialog.zip pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEES.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\mshwgst.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\pagecurl.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\mshwLatin.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll pewpew_p.bin.exe File opened for modification C:\Program Files\InvokeSelect.exe pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annots.api pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSO.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\System\DirectDB.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe Root Certificate.cer pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\IACOM2.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\MEIPreload\preloaded_data.pb pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\adobepdf.xdc pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\end_review.gif pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_videoinset.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEEXCH.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\WPFT632.CNV pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.Design.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSSOAP30.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ja.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_bg.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\oledb32.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialmainsubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.aup pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACETXT.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\SETUP.XML pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ViewerPS.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm.api pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\SignHere.pdf pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Push\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\correct.avi pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\engphon.env pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_am.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\en-US\F12Tools.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\NewOut.midi pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.EPS pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_ButtonGraphic.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pidgenx.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\vdk150.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\LoginForm.zip pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Routing.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.mshtml.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateComRegisterShell64.exe pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sk.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroBroker.exe pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Internet Explorer\SIGNUP\install.ins pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Client.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipsjpn.xml pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_en.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_btn-back-static.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\mraut.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInAcrobat.gif pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Chrome\Application\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOHEV.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\AcroRead.msi pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEREP.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1049\hxdsui.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\msadrh15.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAME.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.msi pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_uk.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Class.zip pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\DATES.XML pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\15x15dot.png pewpew_p.bin.exe File created C:\Program Files\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\WindowsMedia.mpp pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Cave_Drawings.gif pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\sqloledb.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\System.AddIn.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\tipresx.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\AddIns.store pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.es\Proof.XML pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zy______.pfm pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\en-US\msdaorar.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\MEIPreload\manifest.json pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\chapters-static.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\1047x576black.png pewpew_p.bin.exe File created C:\Program Files (x86)\Windows Defender\MpAsDesc.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\msxactps.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_id.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Module.zip pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\sqloledb.rll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-It.otf pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAMEEXT.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee90.tlb pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\swiftshader\libGLESv2.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\curtains.png pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Windows Defender\en-US\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\en-GB.pak pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\en-US\msader15.dll.mui pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Full\full.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\EmptyDatabase.zip pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576black.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\JSByteCodeWin.bin pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\SY______.PFM pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng.hyp pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InputPersonalization.exe.mui pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\babypink.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_rtl.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Utilities.v3.5.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\pencht.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\WTSP61MS.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sr.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_selectionsubpicture.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pmd.cer pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\msdaenum.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_de.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOHTMED.EXE pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hwrusalm.dat pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipsptg.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\pl.pak pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Royale.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\sl.pak pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ar.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXP_PDF.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FPLACE.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\msadce.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfo.zip pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-highlight.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\sv.pak pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\D3DCompiler_47.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_photo_Thumbnail.bmp pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fil.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-border.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ADO210.CHM pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.htm pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\adovbs.inc pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\1047x576black.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\webbase.xml pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.WorkflowServices.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInTray.gif pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\1047x576black.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\msador15.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\main.css pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IPSEventLogMsg.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Folders\1033\MSOSVINT.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\InfoPathMUI.XML pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\WPFT532.CNV pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\OmdBase.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OPHPROXY.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\oledbjvs.inc pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_SelectionSubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\VSTAProject.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\msdaorar.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\hi.pak pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\msdasqlr.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\en-US\networkinspection.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPREARM.EXE pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\msadox28.tlb pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\en-US\iedvtool.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\UserControl.zip pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Push\pushplaysubpicture.png pewpew_p.bin.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\abcpy.ini pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.fr\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\msado25.tlb pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OWSHLP10.CHM pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page_PAL.wmv pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\MCIMPP.mpp pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_joined.gif pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEODBCI.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe pewpew_p.bin.exe File created C:\Program Files (x86)\Windows Defender\MsMpLics.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\PublisherMUI.XML pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(cm).wmf pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\msadox28.tlb pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipTsf.dll.mui pewpew_p.bin.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Onix32.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_issue.gif pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui pewpew_p.bin.exe File created C:\Program Files\DVD Maker\fieldswitch.ax pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\es.pak pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msmdsrv.rll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground_PAL.wmv pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\colorcycle.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Garden.jpg pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Microsoft.VisualStudio.Tools.Applications.DesignTime.tlb pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\en-US\msadcfr.dll.mui pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipsplk.xml pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOICONS.EXE pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\ielowutil.exe pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipschs.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\msader15.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pt-PT.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Tiki.gif pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\msado15.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipRes.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_it.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_rgb.wmv pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\EQUATION\1033\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FBIBLIO.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSUPLD.INTL.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\SplitBlock.jfif pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\lv.pak pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\button-highlight.png pewpew_p.bin.exe File created C:\Program Files (x86)\Microsoft.NET\RedistList\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBE7INTL.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\xmlrwbin.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Activities.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\MTEXTRA.TTF pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_MATTE2_PAL.wmv pewpew_p.bin.exe File opened for modification C:\Program Files\TestUnpublish.sys pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Source Engine\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE pewpew_p.bin.exe File opened for modification C:\Program Files\SearchConvertFrom.001 pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\METCONV.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\d3dcompiler_47.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\redmenu.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\DataMatrix.pmp pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfig.zip pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\720x480icongraphic.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\atl.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIcon.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\BLUEPRNT.INF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\SecretST.TTF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\userContent_16x9_imagemask.png pewpew_p.bin.exe File opened for modification C:\Program Files\RedoOut.mpe pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\FlickLearningWizard.exe.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\nl.pak pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-correct.avi pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Smart Tag\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_videoinset.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\ShapeCollector.exe.mui pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\WebKit.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1028\hxdsui.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInTray.gif pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEWDAT.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\LICLUA.EXE pewpew_p.bin.exe File created C:\Program Files\DVD Maker\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_altgr.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ml.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1046\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\1.7\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipTsf.dll.mui pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\handler.reg pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Portal\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_zh-TW.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\VSTAClientPkg.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.Design.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\ADMPlugin.apl pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.en\Proof.XML pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\MakeAccessible.api pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Hand Prints.htm pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\msadcs.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as80.xsl pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipBand.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.fr\Proof.XML pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\MDIParent.zip pewpew_p.bin.exe File created C:\Program Files (x86)\Mozilla Maintenance Service\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.lng pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\join.avi pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\en-US\msdaremr.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_te.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\203x8subpicture.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\tipresx.dll.mui pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\wab32.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.dll pewpew_p.bin.exe File opened for modification C:\Program Files\7-Zip\7z.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\en-US\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\networkinspection.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-overlay.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AXE8SharedExpat.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-overlay.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ms.pak pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBUI6.CHM pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Eurosti.TTF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-highlight.png pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1041\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IMCONTACT.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\STOCKS.DAT pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.Adapter.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\InkDiv.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.config pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\penchs.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\msdarem.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DissolveAnother.png pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AUTHZAX.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Text.zip pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX8.x3d pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tr.gif pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEDAO.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ur.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACER3X.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\sqmapi.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can129.hsp pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PPSLAX.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\rtscom.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\RADIAL.INF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\Common.fxh pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\pdm.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\en-US\jsprofilerui.dll.mui pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipsita.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-split.avi pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_jpn.xml pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\tr.pak pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-back-static.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu.xml pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\MSClientDataMgr\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PIXEL.INF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRdIF.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_VideoInset.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_initiator.gif pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOMessageProvider.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\notification_helper.exe pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\SATIN.INF pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop_PAL.wmv pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\IA32.api pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\bl.gif pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Portal\1033\PortalConnect.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNoteSyncPC.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.Design.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\authplay.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\Microsoft.Ink.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Bears.jpg pewpew_p.bin.exe File created C:\Program Files\Common Files\System\MSMAPI\1033\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\VSTAClientPkgUI.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-BoldOblique.otf pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers.xml pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\v8_context_snapshot.bin pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Form.zip pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_SelectionSubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\IRIS.INF pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\LEVEL.INF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\menu_style_default_Thumbnail.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\ReadOutLoud.api pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\acro20.lng pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\SETUP.XML pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\rollinghills.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_ok.gif pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcor.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\QUAD.INF pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\ie9props.propdesc pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1049\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\en-US\WMM2CLIP.dll.mui pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop_PAL.wmv pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-static.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_SelectionSubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files\InstallUndo.mhtml pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\msdatt.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\WMM2CLIP.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\ExtExport.exe pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\highlight.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_super.gif pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\SmartTagInstall.exe pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\handler.reg pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACECORE.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\NPSWF32.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\VBAJET32.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_videoinset.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIcon.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hwruklm.dat pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.fca pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\mraut.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ar.pak pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGM.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipscht.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tipresx.dll.mui pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\msdfmap.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\nb.pak pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SC_Reader.exe pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\XmlFile.zip pewpew_p.bin.exe File opened for modification C:\Program Files\SubmitBlock.pub pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkObj.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome_100_percent.pak pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\msado27.tlb pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\WidevineCdm\_platform_specific\win_x64\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\msado26.tlb pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.stdformat.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\msado20.tlb pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-previous-static.png pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Bold.otf pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\WATER.INF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground_PAL.wmv pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\msjet.xsl pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.es\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SaveAsRTF.api pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\GrooveMUI.XML pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-background.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\default_apps\youtube.crx pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\msdasql.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Spelling.api pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\MSClientDataMgr\MSCDM.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\msadcs.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroSign.prc pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-phonetic.xml pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\journal.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Shorthand.emf pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Graph.emf pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\oledbvbs.inc pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_VideoInset.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\notes-static.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\IpsMigrationPlugin.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\icudtl.dat pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.exe pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\System\wab32res.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\title_stripe.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Interface.zip pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.APL pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground.wmv pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1033\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\System\en-US\wab32res.dll.mui pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\PublicAssemblies\extensibility.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\mip.exe.mui pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Roses.htm pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\xmlrwbin.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pe.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\TextConv\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\bandwidth.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PAPYRUS.INF pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\en-US\msadcer.dll.mui pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\Microsoft.Ink.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationTypes.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateSetup.exe pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fi.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search5.api pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOInstallerUI.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\zh-TW.pak pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_scrapbook_Thumbnail.bmp pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipsrus.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_kor.xml pewpew_p.bin.exe File created C:\Program Files (x86)\Windows Defender\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ACE.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBLR6.CHM pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\te.pak pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AssemblyInfoInternal.zip pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\SETUP.XML pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\VSTARemotingServer.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\CAPSULES.INF pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\en-US\oledb32r.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\CodeFile.zip pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\BASMLA.XSL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\msdaer.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\AFTRNOON.INF pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipssrl.xml pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msmdlocal.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSUCRES.DLL pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Mask1.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask_PAL.wmv pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\info-decrypt.txt pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\distribute_form.gif pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FPERSON.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome.exe.sig pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome_pwa_launcher.exe pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-BoldIt.otf pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-shadow.png pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WindowsFormsIntegration.dll pewpew_p.bin.exe File opened for modification C:\Program Files\7-Zip\Lang\en.ttt pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipsdan.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tipresx.dll.mui pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\InkObj.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\OrangeCircles.jpg pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\WhiteDot.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Memories_buttonClear.png pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Garden.htm pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\Logo.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_SelectionSubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SendMail.api pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipsnor.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql2000.xsl pewpew_p.bin.exe File opened for modification C:\Program Files\7-Zip\7zCon.sfx pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hwrenclm.dat pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipskor.xml pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\msado26.tlb pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\hu.pak pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa37.hyp pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateBroker.exe pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\msdarem.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_SelectionSubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroTextExtractor.exe pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\msdatl3.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODTXT.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\msadrh15.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\msdatl3.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\MSInfo\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047x576black.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Folders\1033\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_vi.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\InkDiv.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\oskmenubase.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1031\hxdsui.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\SKY.INF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_zh-CN.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref.wmv pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG_PAL.wmv pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_SelectionSubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\CsiSoap.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-background.png pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\HLS.api pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\RICEPAPR.INF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\navSubpicture.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_select-highlight.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\tipresx.dll.mui pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web.xml pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\DisabledGoogleUpdate.exe pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\it.pak pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-image-mask.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfoInternal.zip pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft.Office.InfoPath.targets pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.cer pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DigSig.api pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Bold.otf pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\System\MSMAPI\1033\MSMAPI32.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\PushBlock.zip pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_browser.gif pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\InkObj.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\MOFL.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground.wmv pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\Client.xml pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\penjpn.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\ECHO.INF pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\sqloledb.rll pewpew_p.bin.exe File opened for modification C:\Program Files\7-Zip\7-zip32.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_all.gif pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\el.pak pewpew_p.bin.exe File created C:\Program Files (x86)\Windows Defender\en-US\MpAsDesc.dll.mui pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBENDF98.CHM pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PDDom.api pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Real.mpp pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt55.ths pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\osknumpadbase.xml pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPWEC.DLL pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_SelectionSubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.CFG pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSPTLS.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Stars.jpg pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome.dll.sig pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.rst pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ja-jp.xml pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\VGX\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_scene.wmv pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\ReadMe.htm pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\logs\maintenanceservice-install.log pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-It.otf pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Update\1.3.35.452\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MAPISHELLR.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdate.cer pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\submission_history.gif pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Update\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\msdaprsr.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureB.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_content-background.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_item.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32Info.exe pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\Wks9Pxy.cnv pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_cs.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FrameworkList.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipBand.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdate.exe pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_da.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tl.gif pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEOLEDB.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACERECR.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Portal\1033\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\msadds.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\background.png pewpew_p.bin.exe File created C:\Program Files\7-Zip\Lang\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\br.gif pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\PDFFile_8.ico pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClient.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hwrlatinlm.dat pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipsfin.xml pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviewers.gif pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psmachine_64.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\default_apps\docs.crx pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipsrom.xml pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\decorative_rule.png pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\PublicAssemblies\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-background.png pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Net.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Portal\PortalConnectCore.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\iexplore.exe pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\PipeTran.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Orange Circles.htm pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\FPWEC.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\msadox.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\msdasc.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\msadomd28.tlb pewpew_p.bin.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\info-decrypt.txt pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\warning.gif pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\msado28.tlb pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Help\msitss55.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\DismountPush.xhtml pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\Proofing.XML pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\msadcf.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\msadcor.dll pewpew_p.bin.exe File opened for modification C:\Program Files\7-Zip\descript.ion pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateOnDemand.exe pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ru.pak pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_es.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_matte2.wmv pewpew_p.bin.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\STINTL.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Help\ITIRCL55.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\1.7\Microsoft.Ink.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Regular.otf pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\APIFile_8.ico pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\fa.pak pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\msadco.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\sr.pak pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DissolveNoise.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ja.pak pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_SelectionSubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1041\hxdsui.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_Buttongraphic.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-highlight.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\DataSet.zip pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-over-select.png pewpew_p.bin.exe File opened for modification C:\Program Files\7-Zip\7-zip.chm pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Shades of Blue.htm pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\LogoCanary.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hr.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\15x15dot.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\huemainsubpicture2.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipssve.xml pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODDBS.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\msado15.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\msadce.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\OneNoteMUI.XML pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFPrevHndlr.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.jpg pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Setup.exe pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\BREEZE.INF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sl.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop.wmv pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Update\Install\{5DF2DCA9-BD54-4513-9B32-2C551D72B961}\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\en-US\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.DataSetExtensions.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask.wmv pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1042\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pkeyconfig-office.xrm-ms pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Blue_Gradient.jpg pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hi.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Data1.cab pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.hyp pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\MSTAG.TLB pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\CoolType.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\PDXFile_8.ico pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ea-sym.xml pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\en-US\DiagnosticsTap.dll.mui pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.exe pewpew_p.bin.exe File opened for modification C:\Program Files\SubmitOptimize.wav pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\1033\EEINTL.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\msado28.tlb pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OSetupPS.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.htm pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\SmallLogo.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_en-GB.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\scene_button_style_default_Thumbnail.bmp pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Windows Defender\MpClient.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\symbase.xml pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\resources.pak pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\DiagnosticsTap.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\BHOINTL.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\en-US\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\7-Zip\7zFM.exe pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_specialocc_Thumbnail.bmp pewpew_p.bin.exe File created C:\Program Files (x86)\Microsoft Office\Office14\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Abstractions.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Shades of Blue.htm pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\vintage.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files\Common Files\System\wab32.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\3082\hxdsui.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\penkor.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\SETUP.XML pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\JOURNAL.INF pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\QuickTime.mpp pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_ca.xml pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\msinfo32.exe pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\Office32MUI.XML pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\BLENDS.INF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\MyriadCAD.otf pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\vi.pak pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\adojavas.inc pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ccme_base.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ko-kr.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\To_Do_List.emf pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-ImageMask.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_ButtonGraphic.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\weblink.api pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\SETUP.XML pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\WATERMAR.INF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\kn.pak pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\pt-PT.pak pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\ended_review_or_form.gif pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\XDPFile_8.ico pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\USP10.DLL pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\play-static.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Pine_Lumber.jpg pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\nacl_irt_x86_64.nexe pewpew_p.bin.exe File opened for modification C:\Program Files\UnblockGroup.reg pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUS\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\msadox.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\MCABOUT.HTM pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\1047x576black.png pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\adcjavas.inc pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\COMPASS.INF pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\add_reviewer.gif pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\PROFILE.INF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\bg.pak pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_SelectionSubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1040\hxdsui.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msolap100.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\open_original_form.gif pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground.wmv pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zx______.pfm pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\LogoDev.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_et.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipscsy.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipshrv.xml pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\FLTLDR.EXE pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\keypadbase.xml pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\Services\verisign.bmp pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\reflow.api pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\tesselate.x3d pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Green Bubbles.htm pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\RIPPLE.INF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ta.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXP_XPS.DLL pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_ButtonGraphic.png pewpew_p.bin.exe File opened for modification C:\Program Files\7-Zip\7z.sfx pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipsen.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\micaut.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VGX\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\handsafe.reg pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sv.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvSOFT.x3d pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Bold.otf pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdate.dll pewpew_p.bin.exe File opened for modification C:\Program Files\7-Zip\7zG.exe pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.WW\Office32WW.XML pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\msadomd.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\msdaremr.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\ExcelMUI.XML pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\mshwLatin.dll.mui pewpew_p.bin.exe File created C:\Program Files\DVD Maker\OmdProject.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\info.gif pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.jpg pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\pipres.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_plain_Thumbnail.bmp pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_ButtonGraphic.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Thawte Root Certificate.cer pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SplashScreen.zip pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.ComponentModel.DataAnnotations.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\STOCKS.XML pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files\Common Files\DESIGNER\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.fca pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\SETUP.XML pewpew_p.bin.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_distributed.gif pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\adojavas.inc pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\RICHED20.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPSRVUTL.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\en-US\msader15.dll.mui pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\circle_glass_Thumbnail.bmp pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ja-jp-sym.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Hand Prints.htm pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSOSV.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\TabIpsps.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInAcrobat.gif pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1028\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pkeyconfig.companion.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Small_News.jpg pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\heart_glass_Thumbnail.bmp pewpew_p.bin.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG_PAL.wmv pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSCONFIG.CHM pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\iedvtool.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG.wmv pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\JP2KLib.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EURO\MSOEURO.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.exe pewpew_p.bin.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\msadco.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\create_form.gif pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.WW\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\83.0.4103.106\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\msdbg2.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FDATE.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\msado21.tlb pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_iw.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Acrofx32.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\oledbvbs.inc pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Eula.exe pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\tipresx.dll.mui pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\CONCRETE.INF pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\ARCTIC.INF pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Full\15x15dot.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\EURO\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\DAO\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\oledb32r.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground_PAL.wmv pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUISet.XML pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcfr.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\stdole.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\oisctrl.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1XTOR.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\STSUPLD.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VVIEWER.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\EQUATION\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\oledbjvs.inc pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_RGB_PAL.wmv pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\ECLIPSE.INF pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\jsdbgui.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MUAUTH.CAB pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\SONORA.INF pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\MSB1ESEN.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\UninstallCompress.asx pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\CsiSoap.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.XML pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Monet.jpg pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIconSubpi.png pewpew_p.bin.exe File opened for modification C:\Program Files\WatchPop.eps pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\SaslPrepProfile_norm_bidi.spp pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\ShadesOfBlue.jpg pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\Services\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\default_apps\gmail.crx pewpew_p.bin.exe File opened for modification C:\Program Files\AddStart.asp pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\en-US\sqloledb.rll.mui pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground.wmv pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\xmlrw.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ahclient.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODEXL.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFSigQFormalRep.pdf pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psuser.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\AdobeID.pdf pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\SETUP.XML pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\EDGE.INF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pl.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\hr.pak pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_super.gif pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SecStoreFile.ico pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\PHONE.XML pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\msadomd28.tlb pewpew_p.bin.exe File created C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_ButtonGraphic.png pewpew_p.bin.exe File opened for modification C:\Program Files\InitializeRemove.vstm pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\MSCONV97.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\EVRGREEN.INF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.XML pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\eventlog_provider.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\libEGL.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\ENUtxt.pdf pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\handsafe.reg pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\83.0.4103.106\83.0.4103.106_chrome_installer.exe pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.api pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Chrome\Application\Dictionaries\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_1.emf pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_notes.wmv pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia.api pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\gu.pak pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\performance.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\reflect.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-over-DOT.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\tipresx.dll.mui pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_sent.gif pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pt-BR.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_tr.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\msado27.tlb pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Accessibility.api pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.PNG pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Orange Circles.htm pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OCT.CHM pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Xml.Linq.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Help\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hwrenalm.dat pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad.xml pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\VVIEWRES.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\en-US\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\msaddsr.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\scrapbook.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\A3DUtility.exe pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prcr.x3d pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeAUM_rootCert.cer pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Extensions\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG.wmv pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\SmallLogoDev.png pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\msdaremr.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_2.emf pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\en-US\jsdbgui.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ms.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\MDIParent.zip pewpew_p.bin.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Regular.otf pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\msdadc.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.ComponentModel.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_lg.gif pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\CANYON.INF pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.DirectoryServices.AccountManagement.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\DenyPing.xlt pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DVA.api pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can32.clx pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1033\hxdsui.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUI.XML pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIBUtils.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipscat.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\RECOVR32.CNV pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_VideoInset.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\rss.gif pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\micaut.dll.mui pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_ButtonGraphic.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEERR.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\en-US\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_rgb6.wmv pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ko.pak pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_received.gif pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOInstallerUI.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\elevation_service.exe pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\libGLESv2.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\xlsrvintl.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\zh-CN.pak pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\msado20.tlb pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\msadcer.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv pewpew_p.bin.exe File opened for modification C:\Program Files\InvokeRemove.rle pewpew_p.bin.exe File opened for modification C:\Program Files\7-Zip\Uninstall.exe pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\stop_collection_data.gif pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\tipresx.dll.mui pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\en-US\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeXMP.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipssrb.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\ResourceInternal.zip pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Management.Instrumentation.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\pdf.gif pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd.otf pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1040\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\xmlrw.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can03.ths pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.Tools.Applications.Project.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEWSS.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\FM20.CHM pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\msadcfr.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcer.dll.mui pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_selectionsubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql70.xsl pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\en-US\sqloledb.rll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ru.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\Client.xml pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\DESIGNER\MSADDNDR.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTO\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\sk.pak pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\FPSRVUTL.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSORES.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_content-background.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Month_Calendar.emf pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\SUMIPNTG.INF pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Temp\GUM2396.tmp\GoogleUpdateSetup.exe pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.Office.Tools.v9.0.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\en-US\msadcor.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\TraceApprove.vdx pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-changjei.xml pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\setup.swf pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\SoftBlue.jpg pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\en-US\ieinstal.exe.mui pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome.exe pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\SLATE.INF pewpew_p.bin.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\SmallLogoCanary.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\form_responses.gif pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\OARPMANR.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\sqlite.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Memo.emf pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\adcjavas.inc pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.hsp pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\adcvbs.inc pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonIcon.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\RTC.der pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\83.0.4103.106.manifest pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\lt.pak pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msolui100.rll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODBC.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Peacock.jpg pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\VC\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OWSSUPP.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\7-Zip\7z.exe pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\BOLDSTRI.INF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome_200_percent.pak pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\1047x576black.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\setup.ini pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Psychedelic.jpg pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\CASCADE.INF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_rightarrow.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\UserControl.zip pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\DefaultID.pdf pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSORES.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\sqloledb.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_client.xml pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AppConfigurationInternal.zip pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\ODeploy.exe pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\en-US\wab32res.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\F12Tools.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Esl\AiodLite.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\tpcps.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEINTL.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Peacock.htm pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-image-mask.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG.wmv pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OPTINPS.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\msadomd.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Engine.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Full\pushplaysubpicture.png pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\en-US\msdaremr.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OCLTINT.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AboutBox.zip pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\2d.x3d pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdater.cer pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXPSRV.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\msdaps.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\IPSEventLogMsg.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1046\hxdsui.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee90.tlb pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\en-US\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_el.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\720x480blacksquare.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\SETUP.XML pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\de.pak pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\System\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\Filters.xml pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\msdatasrc.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-over-select.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\default_apps\drive.crx pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\203x8subpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files\GroupDismount.xlt pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\tipresx.dll.mui pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\FDFFile_8.ico pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Stars.htm pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG.wmv pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\MEIPreload\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\rtscom.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.jpg pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBHW6.CHM pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\he.pak pewpew_p.bin.exe File created C:\Program Files\DVD Maker\audiodepthconverter.ax pewpew_p.bin.exe File created C:\Program Files\DVD Maker\offset.ax pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Extensions\external_extensions.json pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateCore.exe pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Subpicture1.png pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.Selectors.dll pewpew_p.bin.exe File opened for modification C:\Program Files\RestoreRepair.dotx pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-join.avi pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Music.emf pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.AddInManager.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Class.zip pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tabskb.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_bn.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\en-US\msdaprsr.dll.mui pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_precomp_matte.wmv pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\swiftshader\libEGL.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\sqlxmlx.rll pewpew_p.bin.exe File created C:\Program Files (x86)\MSBuild\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe.config pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\msdaora.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_glass.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Scene_PAL.wmv pewpew_p.bin.exe File created C:\Program Files\Common Files\Services\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_babypink_Thumbnail.bmp pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as90.xsl pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_matte.wmv pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-previous-static.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10O.CHM pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-border.png pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Luna.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\adovbs.inc pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\msaddsr.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\pt-BR.pak pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\msadcf.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fr.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\203x8subpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_extended.xml pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX9.x3d pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Wrinkled_Paper.gif pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_mr.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_highlights_Thumbnail.bmp pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\split.avi pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\Adobe\Updater6\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\WidevineCdm\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_selectionsubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\NETWORK.INF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hu.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\JSProfilerCore.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\1047x576black.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIconSubpictur.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\hxdsui.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\mip.exe pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10R.CHM pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\DirectDB.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\tipresx.dll.mui pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Roses.jpg pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\WidevineCdm\manifest.json pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_buttongraphic.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-dayi.xml pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\SETUP.XML pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_glass_Thumbnail.bmp pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Bears.htm pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page.wmv pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-over-select.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_SelectionSubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\VBAOWS10.CHM pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\VSTAProjectUI.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipsesp.xml pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IpsMigrationPlugin.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\20200616092334.pma pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\MainMenuButtonIcon.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hwruksh.dat pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\INDUST.INF pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base.xml pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Aero.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\RICHED20.DLL pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BlackRectangle.bmp pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-static.png pewpew_p.bin.exe File created C:\Program Files (x86)\desktop.ini pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.GIF pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Green Bubbles.htm pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\PipelineSegments.store pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Seyes.emf pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_kn.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_th.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeUpdater.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEEXCL.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\WISC30.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUS\SETUP.XML pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Sand_Paper.jpg pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonSubpicture.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\2052\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\msador15.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\en-US\DVDMaker.exe.mui pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop.wmv pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\STUDIO.INF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psuser_64.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\MSB1FREN.DLL pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_Buttongraphic.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\1.0\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Stucco.gif pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\msdaurl.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\Alphabet.xml pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEXBE.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Csi.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\baseAltGr_rtl.xml pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\rtscom.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\SoftBlue.jpg pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_is.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-delete.avi pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Framework.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\STRTEDGE.INF pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\DAO\dao360.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\ActionsPane3.xsd pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipsfra.xml pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.config pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msolui100.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_SelectionSubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files\RedoGet.mp2 pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.swf pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Soft Blue.htm pewpew_p.bin.exe File created C:\Program Files\DVD Maker\soniccolorconverter.ax pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1STAR.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\et.pak pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\scenesscroll.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\license.html pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ml.pak pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FSTOCK.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\AXIS.INF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\mainimage-mask.png pewpew_p.bin.exe File created C:\Program Files (x86)\Mozilla Maintenance Service\logs\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-back-static.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\whitemenu.png pewpew_p.bin.exe File opened for modification C:\Program Files\RevokeUnblock.mp2v pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\icucnv36.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\logsession.dll pewpew_p.bin.exe File opened for modification C:\Program Files\UseSet.emf pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.htm pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\kor-kor.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\penusa.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.jpg pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\ICE.INF pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\micaut.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\fil.pak pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ro.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_ButtonGraphic.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\TIME.XML pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\en-US.pak pewpew_p.bin.exe File created C:\Program Files\DVD Maker\sonicsptransform.ax pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.sig pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\msjro.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\SETUP.XML pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\ieinstal.exe pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Flash.mpp pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\jsprofilerui.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Sybase.xsl pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\msader15.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\DVDMaker.exe pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\ResourceInternal.zip pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBOB6.CHM pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\INLAUNCH.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipsdeu.xml pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OFFREL.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\mshwgst.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_same_reviewers.gif pewpew_p.bin.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.en\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_es-419.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_SelectionSubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SettingsInternal.zip pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Esl\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\eBook.api pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fa.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL pewpew_p.bin.exe File created C:\Program Files\DVD Maker\bod_r.TTF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OLKFSTUB.DLL pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.Contract.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\rtscom.dll.mui pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt32.clx pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\tipresx.dll.mui pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\1047x576black.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\TextFile.zip pewpew_p.bin.exe File created C:\Program Files\7-Zip\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome_elf.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\swiftshader\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\STSCOPY.DLL pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-static.png pewpew_p.bin.exe File created C:\Program Files (x86)\Windows Defender\MpOAV.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\FlickAnimation.avi pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sw.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\ieproxy.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\DW\DBGHELP.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(inch).wmf pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_SelectionSubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dataset.zip pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.CHM pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\DEEPBLUE.INF pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\EXPEDITN.INF pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\VBE7.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql90.xsl pewpew_p.bin.exe File created C:\Program Files\DVD Maker\en-US\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Form.zip pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\tipresx.dll.mui pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US\msinfo32.exe.mui pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Notebook.jpg pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_uparrow.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-foreground.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-next-static.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Settings.zip pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipsptb.xml pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IETAG.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\HandPrints.jpg pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_no.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\AdobePDF417.pmp pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\StandardBusiness.pdf pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\delete.avi pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.jpg pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\en-US\msaddsr.dll.mui pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\msadcfr.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_widescreen_Thumbnail.bmp pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\LightBlueRectangle.PNG pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\en-US\oledb32r.dll.mui pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\msadcor.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\msdaprst.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONLNTCOMLIB.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\airappinstaller.exe pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUISet.XML pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\GreenBubbles.jpg pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\THEMES.INF pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_SelectionSubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files\GetSelect.mp3 pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\uk.pak pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureA.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mshwLatin.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\BLUECALM.INF pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_ButtonGraphic.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-BoldIt.otf pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_heb.xml pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\2052\hxdsui.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\mr.pak pewpew_p.bin.exe File created C:\Program Files\DVD Maker\directshowtap.ax pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_ButtonGraphic.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\setup.exe pewpew_p.bin.exe File created C:\Program Files\DVD Maker\rtstreamsource.ax pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\EmptyDatabase.zip pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_ButtonGraphic.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\th.pak pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\adcvbs.inc pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IEAWSDC.DLL pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ipsnld.xml pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\msadds.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\LAYERS.INF pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Desktop.ini pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\promointl.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\White_Chocolate.jpg pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\SPRING.INF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\en-US\OmdProject.dll.mui pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\tpcps.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipRes.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\cs.pak pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.VisualC.STLCLR.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_email.gif pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.htm pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\msdaps.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\SIGNUP\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\System\msadc\msdfmap.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_lv.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PPKLite.api pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkWatson.exe.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\PROOF\MSLID.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\default_apps\external_extensions.json pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\THMBNAIL.PNG pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_nl.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Updater.api pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\Parity.fx pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\WordMUI.XML pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSDecWrp.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.hyp pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\msadcer.dll pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateHelper.msi pewpew_p.bin.exe File created C:\Program Files\DVD Maker\rtstreamsink.ax pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdaterInstallMgr.exe pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\PREVIEW.GIF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_travel_Thumbnail.bmp pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotslightoverlay.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\SETUP.XML pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Tanspecks.jpg pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\sqlxmlx.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\updater.ini pewpew_p.bin.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\skchui.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\PROOF\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\am.pak pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ca.pak pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ko.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\ado\msado25.tlb pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1CORE.DLL pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mip.exe.mui pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\auxbase.xml pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEWSTR.DLL pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Dot.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_buttongraphic.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\Content.xml pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ta.pak pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\msado21.tlb pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_gu.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\DvdTransform.fx pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\icudt36.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\1.0\Microsoft.Ink.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\HandPrints.jpg pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_SelectionSubpicture.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ro.pak pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Pipeline.dll pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_performance_Thumbnail.bmp pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\EScript.api pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\DW\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\icudt26l.dat pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Microsoft.VisualStudio.Tools.Applications.Blueprints.tlb pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\wab32res.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Informix.xsl pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\adodb.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAMECONTROLPROXY.DLL pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_ButtonGraphic.png pewpew_p.bin.exe File opened for modification C:\Program Files\SelectOptimize.midi pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee100.tlb pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\sw.pak pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.sig pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\AdobePiStd.otf pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\README.HTM pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_shared.gif pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\en-US\msdaprsr.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Temp\GUM2396.tmp\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\SmallLogoBeta.png pewpew_p.bin.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\sqlxmlx.rll pewpew_p.bin.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Full\1047x576black.png pewpew_p.bin.exe File opened for modification C:\Program Files\7-Zip\7-zip.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng32.clx pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSSOAPR3.DLL pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee100.tlb pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.JPG pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\QRCode.pmp pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\trash.gif pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-next-static.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUS\ProPlusWW.XML pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Folders\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\System\Ole DB\msxactps.dll pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\en-US\eula.rtf pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Filters\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OSETUP.DLL pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\msdasql.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\ea.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\digest.s pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OSETUPUI.DLL pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\GreenBubbles.jpg pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\20200616092700.pma pewpew_p.bin.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Checkers.api pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBCN6.CHM pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\PREVIEW.GIF pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\THMBNAIL.PNG pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AXSLE.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\oskpredbase.xml pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\VSTARemotingServer.tlb pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Connectivity.gif pewpew_p.bin.exe File created C:\Program Files (x86)\Common Files\System\msadc\msdaprsr.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad.xml pewpew_p.bin.exe File created C:\Program Files\Common Files\System\en-US\info-decrypt.hta pewpew_p.bin.exe File created C:\Program Files (x86)\Internet Explorer\pdmproxy100.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\mshwLatin.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\da.pak pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_ButtonGraphic.png pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\Words.pdf pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\IpsPlugin.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msmgdsrv.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\es-419.pak pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VC\msdia90.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\LogoBeta.png pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\numbase.xml pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrome.7z pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\InkWatson.exe pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\OutlookMUI.XML pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome.VisualElementsManifest.xml pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_ButtonGraphic.png pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ALRTINTL.DLL pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\REFINED.INF pewpew_p.bin.exe File created C:\Program Files\Common Files\System\ado\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfigInternal.zip pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1042\hxdsui.dll pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll pewpew_p.bin.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\info-decrypt.hta pewpew_p.bin.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\fr.pak pewpew_p.bin.exe File created C:\Program Files\Common Files\Services\verisign.bmp pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\eula.ini pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe pewpew_p.bin.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\RMNSQUE.INF pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_SelectionSubpicture.png pewpew_p.bin.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-imageMask.png pewpew_p.bin.exe -
Drops file in Windows directory 1 IoCs
description ioc Process File created C:\Windows\info-decrypt.txt pewpew_p.bin.exe -
Interacts with shadow copies 2 TTPs 2 IoCs
Shadow copies are often targeted by ransomware to inhibit system recovery.
pid Process 876 vssadmin.exe 1508 vssadmin.exe -
Suspicious use of AdjustPrivilegeToken 4 IoCs
description pid Process Token: SeDebugPrivilege 240 pewpew_p.bin.exe Token: SeBackupPrivilege 804 vssvc.exe Token: SeRestorePrivilege 804 vssvc.exe Token: SeAuditPrivilege 804 vssvc.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process 240 pewpew_p.bin.exe -
Suspicious use of WriteProcessMemory 23 IoCs
description pid Process procid_target PID 240 wrote to memory of 1148 240 pewpew_p.bin.exe 29 PID 240 wrote to memory of 1148 240 pewpew_p.bin.exe 29 PID 240 wrote to memory of 1148 240 pewpew_p.bin.exe 29 PID 240 wrote to memory of 1148 240 pewpew_p.bin.exe 29 PID 240 wrote to memory of 2044 240 pewpew_p.bin.exe 31 PID 240 wrote to memory of 2044 240 pewpew_p.bin.exe 31 PID 240 wrote to memory of 2044 240 pewpew_p.bin.exe 31 PID 240 wrote to memory of 2044 240 pewpew_p.bin.exe 31 PID 1148 wrote to memory of 876 1148 cmd.exe 32 PID 1148 wrote to memory of 876 1148 cmd.exe 32 PID 1148 wrote to memory of 876 1148 cmd.exe 32 PID 1148 wrote to memory of 876 1148 cmd.exe 32 PID 2044 wrote to memory of 1508 2044 cmd.exe 34 PID 2044 wrote to memory of 1508 2044 cmd.exe 34 PID 2044 wrote to memory of 1508 2044 cmd.exe 34 PID 240 wrote to memory of 1792 240 pewpew_p.bin.exe 38 PID 240 wrote to memory of 1792 240 pewpew_p.bin.exe 38 PID 240 wrote to memory of 1792 240 pewpew_p.bin.exe 38 PID 240 wrote to memory of 1792 240 pewpew_p.bin.exe 38 PID 240 wrote to memory of 1664 240 pewpew_p.bin.exe 39 PID 240 wrote to memory of 1664 240 pewpew_p.bin.exe 39 PID 240 wrote to memory of 1664 240 pewpew_p.bin.exe 39 PID 240 wrote to memory of 1664 240 pewpew_p.bin.exe 39
Processes
-
C:\Users\Admin\AppData\Local\Temp\pewpew_p.bin.exe"C:\Users\Admin\AppData\Local\Temp\pewpew_p.bin.exe"1⤵
- Drops startup file
- Drops desktop.ini file(s)
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:240 -
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c vssadmin.exe delete shadows /all /quiet2⤵
- Suspicious use of WriteProcessMemory
PID:1148 -
C:\Windows\SysWOW64\vssadmin.exevssadmin.exe delete shadows /all /quiet3⤵
- Interacts with shadow copies
PID:876
-
-
-
C:\Windows\system32\cmd.exe"cmd" /C vssadmin Delete Shadows /All /Quiet2⤵
- Suspicious use of WriteProcessMemory
PID:2044 -
C:\Windows\system32\vssadmin.exevssadmin Delete Shadows /All /Quiet3⤵
- Interacts with shadow copies
PID:1508
-
-
-
C:\Windows\system32\netsh.exe"netsh.exe" Advfirewall set allprofiles state off2⤵
- Modifies service
PID:1792
-
-
C:\Windows\system32\netsh.exe"netsh.exe" Advfirewall set allprofiles state off2⤵
- Modifies service
PID:1664
-
-
C:\Windows\system32\vssvc.exeC:\Windows\system32\vssvc.exe1⤵
- Modifies service
- Suspicious use of AdjustPrivilegeToken
PID:804