Analysis
-
max time kernel
120s -
max time network
91s -
platform
windows7_x64 -
resource
win7v20201028 -
submitted
03/11/2020, 23:11
Static task
static1
Behavioral task
behavioral1
Sample
Photo-125-137.jpg.scr
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
Photo-125-137.jpg.scr
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
-
Target
Photo-125-137.jpg.scr
Malware Config
Extracted
Path
C:\4281278655928\Read_Me.txt
Ransom Note
Attention!
All your files, documents, photos, databases and other important files are encrypted
The only method of recovering files is to purchase an unique decryptor. Only we can give you this decryptor and only we can recover your files.
The server with your decryptor is in a closed network TOR. You can get there by the following ways:
----------------------------------------------------------------------------------------
1. Download Tor browser - https://www.torproject.org/
2. Install Tor browser
3. Open Tor Browser
4. Open link in TOR browser: http://25xb3kc6azicbbuo.onion/?NDSIYNDS
5. Follow the instructions on this page
----------------------------------------------------------------------------------------
On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free.
Alternate communication channel here: http://helpqvrg3cc5mvb3.onion/
URLs
http://25xb3kc6azicbbuo.onion/?NDSIYNDS
http://helpqvrg3cc5mvb3.onion/
Signatures
-
Executes dropped EXE 3 IoCs
pid Process 680 17078.exe 1804 winsvcs.exe 1568 3697516955.exe -
Modifies Installed Components in the registry 2 TTPs
-
Modifies extensions of user files 2 IoCs
Ransomware generally changes the extension on encrypted files.
description ioc Process File renamed C:\Users\Admin\Pictures\MoveDisable.raw => C:\Users\Admin\Pictures\MoveDisable.raw.ReadMe 3697516955.exe File renamed C:\Users\Admin\Pictures\StartEnter.raw => C:\Users\Admin\Pictures\StartEnter.raw.ReadMe 3697516955.exe -
Loads dropped DLL 14 IoCs
pid Process 1688 Photo-125-137.jpg.scr 680 17078.exe 1804 winsvcs.exe 1804 winsvcs.exe 1568 3697516955.exe 1568 3697516955.exe 1872 MsiExec.exe 1872 MsiExec.exe 1872 MsiExec.exe 1872 MsiExec.exe 1872 MsiExec.exe 1872 MsiExec.exe 1872 MsiExec.exe 1532 MsiExec.exe -
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
description ioc Process Set value (int) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Security Center\AntiVirusOverride = "1" winsvcs.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Security Center\AntiVirusDisableNotify = "1" winsvcs.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Security Center\FirewallOverride = "1" winsvcs.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Security Center\FirewallDisableNotify = "1" winsvcs.exe -
Adds Run key to start application 2 TTPs 2 IoCs
description ioc Process Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\Microsoft Windows Services = "C:\\4281278655928\\winsvcs.exe" 17078.exe Set value (str) \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Windows Services = "C:\\4281278655928\\winsvcs.exe" 17078.exe -
Drops desktop.ini file(s) 41 IoCs
description ioc Process File opened for modification C:\Users\Public\Downloads\desktop.ini 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\X6969WXQ\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Links\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Music\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Music\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Videos\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\5JH7AFHU\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Saved Games\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Documents\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Music\Sample Music\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Desktop\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Windows Mail\Stationery\Desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Desktop\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Documents\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Pictures\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Searches\desktop.ini 3697516955.exe File opened for modification C:\Program Files\desktop.ini 3697516955.exe File opened for modification \??\M:\$RECYCLE.BIN\S-1-5-21-293278959-2699126792-324916226-1000\desktop.ini explorer.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Favorites\Links for United States\desktop.ini 3697516955.exe File opened for modification C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Favorites\Links\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Pictures\Sample Pictures\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Recorded TV\desktop.ini 3697516955.exe File opened for modification C:\Program Files (x86)\desktop.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\DESKTOP.INI 3697516955.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\6O9TWDTA\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Downloads\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Favorites\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Videos\Sample Videos\desktop.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\XHJ74TZW\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Libraries\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Pictures\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Contacts\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Videos\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Recorded TV\Sample Media\desktop.ini 3697516955.exe -
Enumerates connected drives 3 TTPs 47 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
description ioc Process File opened (read-only) \??\M: 3697516955.exe File opened (read-only) \??\P: msiexec.exe File opened (read-only) \??\S: msiexec.exe File opened (read-only) \??\U: msiexec.exe File opened (read-only) \??\U: 3697516955.exe File opened (read-only) \??\B: 3697516955.exe File opened (read-only) \??\F: 3697516955.exe File opened (read-only) \??\B: msiexec.exe File opened (read-only) \??\E: msiexec.exe File opened (read-only) \??\F: msiexec.exe File opened (read-only) \??\G: msiexec.exe File opened (read-only) \??\N: msiexec.exe File opened (read-only) \??\R: 3697516955.exe File opened (read-only) \??\O: 3697516955.exe File opened (read-only) \??\Z: msiexec.exe File opened (read-only) \??\V: 3697516955.exe File opened (read-only) \??\I: msiexec.exe File opened (read-only) \??\Q: msiexec.exe File opened (read-only) \??\W: msiexec.exe File opened (read-only) \??\E: 3697516955.exe File opened (read-only) \??\J: 3697516955.exe File opened (read-only) \??\G: 3697516955.exe File opened (read-only) \??\L: 3697516955.exe File opened (read-only) \??\N: 3697516955.exe File opened (read-only) \??\A: msiexec.exe File opened (read-only) \??\H: msiexec.exe File opened (read-only) \??\R: msiexec.exe File opened (read-only) \??\I: 3697516955.exe File opened (read-only) \??\A: 3697516955.exe File opened (read-only) \??\V: msiexec.exe File opened (read-only) \??\X: msiexec.exe File opened (read-only) \??\S: 3697516955.exe File opened (read-only) \??\H: 3697516955.exe File opened (read-only) \??\Z: 3697516955.exe File opened (read-only) \??\Q: 3697516955.exe File opened (read-only) \??\W: 3697516955.exe File opened (read-only) \??\J: msiexec.exe File opened (read-only) \??\K: msiexec.exe File opened (read-only) \??\L: msiexec.exe File opened (read-only) \??\T: msiexec.exe File opened (read-only) \??\Y: msiexec.exe File opened (read-only) \??\T: 3697516955.exe File opened (read-only) \??\K: 3697516955.exe File opened (read-only) \??\Y: 3697516955.exe File opened (read-only) \??\P: 3697516955.exe File opened (read-only) \??\X: 3697516955.exe File opened (read-only) \??\O: msiexec.exe -
Modifies service 2 TTPs 4 IoCs
description ioc Process Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Shas explorer.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Qecs explorer.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Shas explorer.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Qecs explorer.exe -
Drops file in Program Files directory 12061 IoCs
description ioc Process File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0287005.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Traditional.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\AddToViewArrow.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\file_obj.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jpeg.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CNFRES.CFG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00057_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONMAIN.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Visualizer.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\epl-v10.html 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\db\lib\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cambridge_Bay 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemuxdump_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_down.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\16.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02757U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285410.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DiscussionToolIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text_3.9.1.v20140827-1810.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\CERTINTL.DLL 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files\Windows Media Player\Icons\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\networkinspection.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01561_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Thatch.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_OffMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.jasper.glassfish_2.2.2.v201205150955.jar 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Journal\MSPVWCTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187883.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02738U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR8B.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Khartoum 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\my\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.fr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\stop_collection_data.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21325_.GIF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding_1.4.2.v20140729-1044.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_shout_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107026.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PAPERS.INI 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_decreaseindent.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ogalegit.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\is.txt 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\DiagnosticsHub.DataWarehouse.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dhaka 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libkaraoke_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.es\Proof.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099194.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341328.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00390_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_pressed.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7FR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\MeetingIcon.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_hover.png 3697516955.exe File created C:\Program Files (x86)\Google\Update\Download\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Shanghai 3697516955.exe File created C:\Program Files\Windows Media Player\Visualizations\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmpenc.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107258.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0227558.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00260_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02228_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OMSINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7ES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14845_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00919_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105388.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\HEADING.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PNCTUATE.POC 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\vlm.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_pressed.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa.fca 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\URBAN_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR7F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_center.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montevideo 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Genko_1.jtp 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Full.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_snow.png 3697516955.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Funafuti 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_ja.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\nio.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Honolulu 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-BoldIt.otf 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\NETWORK\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101857.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Executive.xml 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSACC.OLB 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.AU.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Address.accft 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR19F.GIF 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01074_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\TAB_ON.GIF 3697516955.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsatip_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEODDBS.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15019_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0238959.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png 3697516955.exe File opened for modification C:\Program Files\AddShow.jfif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18253_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15073_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB2A.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_thunderstorm.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\Parity.fx 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00445_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297725.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR18F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\ACWZMAIN.ACCDE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Midway 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Helsinki 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libspdif_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\flyout_background.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\MCESidebarCtrl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PROFILE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME21.CSS 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\symbase.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\glass.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\add_reviewer.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng32.clx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00253_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.DEV_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\RESUME.DPV 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Memories_buttonClear.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_ja.jar 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\BUTTON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\Microsoft.Office.InfoPath.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Brussels 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR34B.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_mosaic_bridge_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe AIR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LAYERS\LAYERS.INF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN022.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tehran 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\SIGNUP\install.ins 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-filesystems.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-execution.xml_hidden 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sampler.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\calendars.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GKWord.dll 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\chrome.7z 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Welcome Tool\Read_Me.txt 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Knox 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\.data\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Brunei 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-process-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\24.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0251301.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOSTYLE.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Charitable Contributions.accdt 3697516955.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_srt_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee100.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00780L.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\TRANSMGR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Earthy.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\TOC98.POC 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Engine.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\.lastModified 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradient_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0315447.JPG 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_RGB_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jvm.xml 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-time-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR13F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_spellcheck.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yakutsk 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\te.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Aqtau 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Indian\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\common.js 3697516955.exe File created C:\Program Files\VideoLAN\VLC\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Subpicture1.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239063.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21340_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.BR.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WPFT632.CNV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-dialogs_ja.jar 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VisioCustom.propdesc 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mouseover.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdater.cer 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Clarity.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\org.eclipse.rcp_root_4.4.0.v20141007-2301 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\license.html 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledb32r.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\THOCRAPI.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-next-static.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_top.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0386120.JPG 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pago_Pago 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromecast_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\PHONE.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107446.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01126_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00050_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00177_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_few-showers.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Flow.thmx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightRegular.ttf 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libidummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR47F.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadds.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_dot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen.css 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdatl3.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107456.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239191.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\EMAIL.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPREARM.EXE 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libafile_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0237759.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Grid.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18207_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Maceio 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\authplay.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_el.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART5.BDR 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_VideoInset.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\verify.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Gaza 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285926.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15034_.GIF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLFLTR.DAT 3697516955.exe File created C:\Program Files\Mozilla Firefox\browser\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\PAWPRINT.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-coredump.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bg\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECHO\ECHO.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATERMAR\WATERMAR.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsMacroTemplate.html 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\license.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-plaf.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\.lastModified 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\eu\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\Welcome.html 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SecStoreFile.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15135_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\gstreamer-lite.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\invalid32x32.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153093.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Module.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21312_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\form_edit.js 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\PROOF\1036\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Malta 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\VSTAClientPkgUI.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.AR.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_en-GB.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_settings.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01329_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199307.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02085_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15155_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GKPowerPoint.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\EXPLODE.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\USP10.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\jsdbgui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01294_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ulaanbaatar 3697516955.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00542_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199549.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0300520.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME18.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART3.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\BUTTON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Ushuaia 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-oql.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sa.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105974.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PRRT.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBLINK.POC 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hy\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_zh-CN.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-1 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.css_1.7.0.v201011041433.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.common_2.10.1.v20140901-1043.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\settings.js 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.UNT 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\pdm.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0158007.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\INFOMAIL.CFG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Atikokan 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tashkent 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up_BIDI.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PROPLUS\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Wordcnvpxy.cnv 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\RSSFeeds.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188513.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKL.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Baku 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\highDpiImageSwap.js 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMANIAN.TXT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper_1.0.400.v20130327-1442.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107264.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00882_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADVTEL.DIC 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\master_preferences 3697516955.exe File opened for modification C:\Program Files\DVD Maker\WMM2CLIP.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\management\jmxremote.password.template 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\liblogger_plugin.dll 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_Undocked.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\fur.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\redStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0233018.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-common.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libsid_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\PowerPointMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285796.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00788_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESTS.ICO 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NAMEEXT.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLENDS\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\handsafe.reg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21315_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_dot.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\split.avi 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02126_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21376_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\servertool.exe 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\1px.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_joined.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01080_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15302_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OIS_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\org-openide-filesystems_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Sao_Paulo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\error_window.html 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libtcp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_right.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado28.tlb 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_ButtonGraphic.png 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\WWLIB.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Payment Type.accft 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pt-PT.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\vignettemask25.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mai\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRdIF.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1254.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19986_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281630.WMF 3697516955.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00231_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_06.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215710.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGSIDEBR.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\DVDMaker.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SUMIPNTG\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_italic.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_thunderstorm.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javaws.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libchorus_flanger_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099147.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.DEV_COL.HXC 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libscreen_plugin.dll 3697516955.exe File opened for modification C:\Program Files\EnableResolve.mp4v 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspatializer_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\trash.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151063.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00483_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\1047x576black.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_snow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10255_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcer.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE01797_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21548_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR2B.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_filter\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\REFINED\REFINED.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200383.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01239K.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN090.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPUNCT.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.bfc 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator_2.0.0.v20131217-1203.jar 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Atlantic\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\plugin.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PRTF9.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\access-bridge-64.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaer.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Civic.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarViewButtonImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\MANUAL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_snow.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ja-jp-sym.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Havana 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1031\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02793_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck.css 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.htm 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\settings.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BOLDSTRI\BOLDSTRI.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02386_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00693_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GR8GALRY.GRA 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\LATIN1.SHP 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Accra 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Routing.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_over.png 3697516955.exe File created C:\Program Files (x86)\Common Files\DESIGNER\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\AIR98.POC 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\OTKLOADR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_HighMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\init.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Casablanca 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\th.pak 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOHTMED.EXE 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\my\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libwingdi_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02009_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15060_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\settings.css 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\44.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\omni.ja 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\MOFL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR50B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNoteNames.gpd 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\HandPrints.jpg 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\rockbox_fm_presets.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105412.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\BloodPressureTracker.xltx 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\9.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BOAT.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02617_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME08.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AUDIOSEARCHLTS.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_right.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\.lastModified 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\defaults\pref\channel-prefs.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\UmOutlookStrings.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SELFCERT.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler_1.2.0.v20140422-1847.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\en-US\msoeres.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+7 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Chicago 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR10F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\26.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIB.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0299125.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EAWFINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_right.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Aqtau 3697516955.exe File created C:\Program Files\Windows Media Player\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_right.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.WW\Read_Me.txt 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sa.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Roses.htm 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTaskIconMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0315612.JPG 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\ieinstal.exe 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\JSProfilerCore.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Tucuman 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-io_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Denver 3697516955.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107496.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ViewHeaderPreview.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN058.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\AdjacencyReport.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\iexplore.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSO0127.ACL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\picturePuzzle.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00006_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jabswitch.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00038_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152688.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02265_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Casual.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\daisies.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_SelectionSubpicture.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Google\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-applemenu.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management-agent.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.runtime_0.10.0.v201209301036.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-spi-actions.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BREEZE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0186360.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.DEV_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.Server.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\npt.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_over.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-util-lookup.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\http\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.CMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03012U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21343_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBHED98.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-spi-quicksearch.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Tunis 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.ComponentModel.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libshm_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_Off.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR36F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\wxpr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Shared24x24Images.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Setup.exe 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_CN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00103_.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ml\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipssve.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\background.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01163_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00396_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Horizon.thmx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwruklm.dat 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libmmdevice_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\WORDICON.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-javahelp.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105266.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Elemental.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Beige.css 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\BUTTON.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pt-BR.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\APPTS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Documentation\1033\License Agreements\SynchronizationEula.rtf 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\31.png 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.event_1.3.100.v20140115-1647.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\da\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcolorthres_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00296_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00305_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18194_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\heart_glass_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Customer Support.fdt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR3B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00333_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Verve.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\BillingStatement.xltx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\7.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\.eclipseproduct 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di_1.4.0.v20140414-1837.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInAcrobat.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02116_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15173_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPreviewTemplate.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo.bat 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\javaw.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Chagos 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtospdif_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00011_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01179_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIconImages.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsDoNotTrust.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21318_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN002.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\WORDIRMV.XML 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmpconfig.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MET 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01238_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GROOVE_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR41F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR46B.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-execution_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Thunder_Bay 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107490.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0296279.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR3B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_italic.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VVIEWER.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\pack200.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Maputo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libhqdn3d_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04134_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSProxy32.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana.css 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Documentation\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_HK.properties 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\logger\libconsole_logger_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01793_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NBOOK_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\VelvetRose.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Royale.dll 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\iedvtool.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTORE_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01046J.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Magadan 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1040\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\InkObj.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HM00005_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099189.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\WSSFilesToolHomePageBackground.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdasql.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d9_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\12.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR4B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7es.kic 3697516955.exe File created C:\Program Files (x86)\Windows Mail\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdaosp.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\back_lrg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.hyp 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Couture.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Trek.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EntityPickerIntl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierUpArrow.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FOLDPROJ.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_matte2.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\SettingsInternal.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00668_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Sts2.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OutDomain.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Category.accft 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tripoli 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\DisabledGoogleUpdate.exe 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\el\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\Read_Me.txt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PSRCHSRN.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Sts2.css 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libheadphone_channel_mixer_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\BTOPENWORLD.COM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN081.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCHKBRD.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Rothera 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_ButtonGraphic.png 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Read_Me.txt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mshwLatin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200611.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\az.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jfr.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\librss_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02736U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\AddToViewArrow.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_s.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-execution_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\MSB1CACH.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR15F.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_222222_256x240.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\AST4 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroBroker.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0195384.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RSSITEM.CFG 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jce.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\about.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-annotations-common.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\unpack200.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.ths 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00853_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\WARN.WAV 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_right.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-bootstrap.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\QuestionIconMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chuuk 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadds.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199303.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Angles.eftx 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Garden.jpg 3697516955.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\si\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00586_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185834.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\MSInfo\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382938.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341439.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00175_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Flow.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\Accessories\WordpadFilter.dll 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ja.pak 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\02_frenchtv.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\sqloledb.rll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Porto_Velho 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\mai\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03470_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD09662_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00076_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePageScript.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCAL.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_content-background.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02742U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0149407.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSLaunch.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Wordcnvr.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipssrl.xml 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099195.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_bullets.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IPIRMV.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB1A.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Framework.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Majuro 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01358_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18229_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSAIN.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Verve.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387578.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Cocos 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATER\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01183_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215709.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCDDSLM.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBARBLL.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\OrielFax.Dotx 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\softedges.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178639.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BIZCARD.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Palau 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281632.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-4.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\javaws.jar 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Document Themes 14\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dili 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\AST4ADT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)redStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msadcer.dll.mui 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00437_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152622.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0321179.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME14.CSS 3697516955.exe File created C:\Program Files\Windows Media Player\Media Renderer\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Australia\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\th\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MpEvMsg.dll 3697516955.exe File created C:\Program Files\WindowsPowerShell\Configuration\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroTextExtractor.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\CAGCAT10.DLL 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\9.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FORM.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187859.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REPORT.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSTORDB.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_down.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench_3.106.1.v20140827-1737.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\jsse.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.UDT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00795_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00516L.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0186348.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME28.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CNFNOT.CFG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application-views.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OFFLINE.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\INTLDATE.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Graph.exe.manifest 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-queries.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-coredump.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACETXT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309705.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSUPLD.INTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SEQCHK10.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrlatinlm.dat 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_bridge_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe.config 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00234_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\about.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0089992.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Essential.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15059_.GIF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipBand.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\XLLEX.DLL 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ta.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00391_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0215086.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_VelvetRose.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\ACWZTOOL.ACCDE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\flyoutBack.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\14.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\br\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRAPH.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSOUC_COL.HXC 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WITHCOMP.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiItalic.ttf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Dublin 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx265_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0171685.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsBrowserUpgrade.html 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunec.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\LoginTool24x24ImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqloledb.rll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5EDT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\access\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\settings.js 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Hx.HxT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309598.JPG 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\CreateSpaceImageMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\profilerinterface.dll 3697516955.exe File opened for modification C:\Program Files\RestartFind.MOD 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libremoteosd_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\IEShims.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-applemenu.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\jfluid-server-15.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Horizon.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OWSHLP10.CHM 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-overlay.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_zh_CN.jar 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\OutofSyncIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBBTN.XML 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\ieinstal.exe.mui 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\weather.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19563_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01139_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107724.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Sand_Paper.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\mc.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr\profile.jfc 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpuzzle_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0158477.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OIS_COL.HXT 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\Client.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Sort\YEAR.XSL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\PYCC.pf 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Casablanca 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\OPTINPS.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106572.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)redStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Data1.cab 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0174635.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR23F.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\PROOF\3082\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_jpn.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Noumea 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.attach_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-io_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CATALOG.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EssentialLetter.dotx 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\chrome.VisualElementsManifest.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BOLDSTRI\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0183198.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14794_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Sts.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\41.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\GREEK.TXT 3697516955.exe File created C:\Program Files\Windows NT\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1049\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00157_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\MP00646_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Median.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Form.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_m.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-bullet.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\86.0.4240.111\86.0.4240.111_chrome_installer.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_Off.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Urumqi 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Regular.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUEPRNT\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188519.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21298_.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libinflate_plugin.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitevignette1047.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\boot_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00439_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02263_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\zh-cn.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEODTXT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Garden.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Hardcover.thmx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Resolute 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPOlive.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Havana 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0240291.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10266_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Servers\Management.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsVersion1Warning.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-static.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\en-US\DVDMaker.exe.mui 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_btn-back-static.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxmedia.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudiobargraph_a_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MSASCui.exe 3697516955.exe File opened for modification C:\Program Files\Windows NT\Accessories\WordpadFilter.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7ES.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_up.png 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\25.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0156537.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00704_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Premium.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Premium.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\dragHandle.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_asf_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0212685.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBCAL.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\WindowsAccessBridge-64.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\VSTAProject.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Metlakatla 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR25F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\pushplaysubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.el_2.2.0.v201303151357.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\blacklist 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\CST6CDT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SONORA\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0295241.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee90.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0228959.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21316_.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297229.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_underline.gif 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\PROOF\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SOCIALCONNECTOR.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\about.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Empty.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21422_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\MSOERES.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_left.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\bg.pak 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04332_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387895.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Horizon.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME39.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ORIG98.POC 3697516955.exe File opened for modification C:\Program Files\7-Zip\7z.exe 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\it.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-text.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ga\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PROPLUS\ProPlusWW.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105306.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0164153.JPG 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\eo.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Settings.zip 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_LightSpirit.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\wab32.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\updater.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN082.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain.wmv 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RICEPAPR\RICEPAPR.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187847.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Perspective.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0234657.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\ERROR.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Ojinaga 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01157_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.Xml.xml 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\installer.dll 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado26.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0400003.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALENDAR.DPV 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayman 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zurich 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00459_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02048_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18221_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\SUBMIT.JS 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBTRAP.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Start End Dates.accft 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.TW.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.identity_3.4.0.v20140827-1444.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\FBIBLIO.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152694.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLVBS.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Melbourne 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-12 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.app_1.3.200.v20130910-1609.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_description_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00737_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_hover.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Green Bubbles.htm 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_foggy.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Soft Blue.htm 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ta.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_es.jar 3697516955.exe File created C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcfr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105414.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18254_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21398_.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\cs.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Utilities.v3.5.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\XLINTL32.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Perth 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.zh_CN_5.5.0.165303.jar 3697516955.exe File created C:\Program Files (x86)\Google\Temp\GUMBFA6.tmp\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\TipsImageMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javah.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-io-ui.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-templates.xml_hidden 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00167_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PULQOT98.POC 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\el.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansDemiBold.ttf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\masterix.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins_1.1.200.v20131119-0908.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Lisbon 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14582_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsrom.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099153.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME04.CSS 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\blafdoc.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-utilities.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\cursors.properties 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Araguaina 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0222019.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21519_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msadcfr.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115840.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_hov.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mazatlan 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\core_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-startup.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-It.otf 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EXPEDITN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14756_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_down.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_socket.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-tabcontrol.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1251.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143753.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\LINES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR49B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\LICENSE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_ring_docked.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02227_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14981_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Skins\Revert.wmz 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_disabled.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\library.js 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01575_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessData.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ja_JP.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Asuncion 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_ok.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0157191.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\STSUPLD.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files (x86)\Windows Media Player\Network Sharing\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\af.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\JavaAccessBridge-64.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR47F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\UnformattedNumeric.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_over.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.security 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jsound.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18205_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALENDAR.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2ssv.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libtransform_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099148.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0292272.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00798_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft.NET\RedistList\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonIcon.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\km\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105530.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-windows.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Fortaleza 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\javafx-doclet.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cuiaba 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01866_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\el\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.CGM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\ED00010_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02282_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02313_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0157831.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_scene.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmlaunch.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL012.XML 3697516955.exe File opened for modification C:\Program Files\Windows Mail\en-US\msoeres.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\main.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01173_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10299_.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libparam_eq_plugin.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Seyes.jtp 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdasc.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0214934.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216112.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309902.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Cave_Drawings.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLADD.FAE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Adobe.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SettingsInternal.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPMediaSharing.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0305257.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7MDT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help_3.6.0.v20130326-1254.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187647.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.DEV_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\GIGGLE.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\RADIO.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Martinique 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-options_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18184_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Whitehorse 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\lua\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jli.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\logging.properties 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\java.exe 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\weather.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152702.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153089.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Sort\TITLE.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\F12Resources.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\FiveRules.potx 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Montreal 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\liberase_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\DEEPBLUE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\4.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding_1.6.200.v20140528-1422.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14579_.GIF 3697516955.exe File created C:\Program Files (x86)\Windows NT\Accessories\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0186364.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\tab_off.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_bullets.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7FR.dub 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-2 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Activities.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penjpn.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14870_.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Hand Prints.htm 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdaps.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tegucigalpa 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kabul 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099201.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03257_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Library\SOLVER\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\VIEW.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03143I.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-awt_ja.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\d3dcompiler_47.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152716.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03380I.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGMARQ.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.concurrent_1.1.0.v20130327-1442.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00200_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00694_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DataViewIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Eucla 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jaas_nt.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Moscow 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\EXP_PDF.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105588.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382952.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02263_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\swiftshader\libEGL.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02054_.WMF 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\settings.ini 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00037_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00546_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME33.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\HICCUP.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightItalic.ttf 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ar\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\id\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Midway 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01461_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\VeriSignLogo.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\NOTEBOOK.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\localizedStrings.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-output2.xml_hidden 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861240389.profile.gz 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3_0.12.0.v20140227-2118.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-synch-l1-2-0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN111.XML 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_snow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1049\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0300840.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15061_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.RuntimeUi.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL111.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ashgabat 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-5 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\d3d11\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_concat_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\clock.css 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateComRegisterShell64.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099160.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0172193.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceYi.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Contacts.accdt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libnormvol_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libclone_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new_partly-cloudy.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099179.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105234.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02424_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-multiview.jar 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\3082\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21313_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-options-api.xml 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_h.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14831_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLNOTER.FAE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg_orange.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\java-rmi.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLFLTR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7EN.DLL 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.events_3.0.0.draft20060413_v201105210656.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\jfluid-server.jar 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14792_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsImageTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSODCW.DLL 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\whitemenu.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Mauritius 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ff\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02754U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONENOTE_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\TaskbarIconImagesMask256Colors.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_rtl.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_h.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL078.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\3082\MSGR3ES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_winxp.css 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tashkent 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt55.ths 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REC.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\RSSFeeds.html 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-back-static.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\mip.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099166.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.HXS 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\com.jrockit.mc.console.ui.notification_contexts.xml 3697516955.exe File created C:\Program Files (x86)\Windows NT\TableTextService\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_autodel_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libvisual_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_h.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18219_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_fr.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penusa.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\adcjavas.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\ACT3R.SAM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\currency.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile16.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\custom.lua 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\Invite or Link.one 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT_COL.HXT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\45.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02749G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLYER.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\search_background.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-services.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEMANAGED.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Elegant.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java_crw_demo.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UTC 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\hy.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.descriptorProvider.exsd 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnoseek_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\AFTRNOON.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD07804_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookbig.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\ReadOutLoud.api 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1042\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.DEV_F_COL.HXK 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Windows Photo Viewer\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\cy.txt 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\44.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\warning.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090779.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL086.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\navBack.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1028\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART6.BDR 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\sawindbg.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\kinit.exe 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\corner.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEODEXL.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\vistabg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01184_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7ge.kic 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over_BIDI.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00116_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02062U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OL.SAM 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\localizedSettings.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\VIEW.JS 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\uk\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libty_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143748.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Flow.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR4F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIDEBARBB.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.properties 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\jsdebuggeride.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sitka 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\La_Rioja 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Christmas 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MpSvc.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00428_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WZCNFLCT.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\1.0\Microsoft.Ink.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\OSETUPUI.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.LTS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01265U.BMP 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSAutogen.dll 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\resources\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105338.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macGrey.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_thunderstorm.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as90.xsl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00222_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HM00426_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099156.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0103402.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-desk.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OrielLetter.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Flash.mpp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01636_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107544.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\Common.fxh 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\README.TXT 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\cs\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\2.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152892.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02214_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_TexturedBlue.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Reykjavik 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\NPSWF32.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309904.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21448_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImage.jpg 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\dumpmeta.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_04.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NL7MODELS0009.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveNoDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Danmarkshavn 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00231_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\List.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Algiers 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\iedvtool.dll.mui 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\31.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ahclient.dll 3697516955.exe File created C:\Program Files (x86)\Google\Policies\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01268_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIcon.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground_PAL.wmv 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\text_renderer\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\VSTARemotingServer.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\adojavas.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115844.GIF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\icudtl.dat 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Enderbury 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe\Acrobat\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Metro.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14693_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-left.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\ffjcext.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01745_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\ImagingEngine.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util.gui_1.7.0.v200903091627.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00452_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\9.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcfr.dll.mui 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7Handle.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\AST4ADT 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_pressed.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\2052\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18199_.WMF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\en-GB.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\DataSet.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POSTITS.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\Xusage.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ARCTIC\ARCTIC.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00734_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WHIRL2.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Teal.css 3697516955.exe File opened for modification C:\Program Files\7-Zip\History.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Easter 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099184.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143749.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR45B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL083.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-attach.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Palmer 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\CET 3697516955.exe File opened for modification C:\Program Files\Windows Journal\en-US\Journal.exe.mui 3697516955.exe File opened for modification C:\Program Files\Windows Mail\en-US\WinMail.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19582_.GIF 3697516955.exe File created C:\Program Files\Java\jre7\lib\fonts\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\YST9 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-environment-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ACEINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sv.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Maroon.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WWINTL.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluHandle.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\Documentation.url 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libvod_rtsp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_bottom.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Flyout_Thumbnail_Shadow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\icudt36.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099203.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msado15.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OCLTINT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CSS7DATA000C.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\TECHTOOL.HTM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21294_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Amman 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32Info.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0280468.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01361_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Library\Analysis\ANALYS32.XLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.InfoPath.Client.Internal.CLRHost.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64_3.103.1.v20140903-1947.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\directshowtap.ax 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Samara 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.core_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Mso Example Intl Setup File A.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_08.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02082_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR27F.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IpsMigrationPlugin.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_AutoMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185842.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid_over.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Macau 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\splash.gif 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\my\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dts_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00204_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198377.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00194_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CATWIZ11.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pohnpei 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Manaus 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe AIR\Versions\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\glib-lite.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\HST 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psmachine_64.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Aspect.xml 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core-windows_visualvm.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\hy\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ms\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR12F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jcmd.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\DAO\dao360.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099193.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\Discussion14.gta 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Tabs.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Nairobi 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\bundles.info 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\bbc_co_uk.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21344_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\SETLANG_COL.HXT 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR4B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Client.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\720x480icongraphic.png 3697516955.exe File created C:\Program Files\Mozilla Firefox\defaults\pref\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME46.CSS 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\DiagnosticsTap.dll.mui 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\Timeline.cpu.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\currency.data 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\java_crw_demo.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Luxembourg 3697516955.exe File opened for modification C:\Program Files\Windows Photo Viewer\PhotoBase.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tabskb.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\AD98.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sk.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-dialogs.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WING2.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBOXES.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nassau 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_scrapbook_Thumbnail.bmp 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.smil_1.0.0.v200806040011.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files\DVD Maker\fieldswitch.ax 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\AD.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\resources\1033\Synchronization.rll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Library\SOLVER\SOLVER32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03795_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCDDSF.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\EXSEC32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Defender\MpClient.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\11.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vilnius 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-hang-ui.exe 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00265_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185780.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281640.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Earthy.css 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MENU.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107744.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTAREA.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\wabmig.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Choibalsan 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099149.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185776.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\GRIP.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.InfoPath.FormControl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\12.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\setup_wm.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00394_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SAMPLES\SOLVSAMP.XLS 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_right.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\2.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00612_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107452.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.DEV_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR39F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\MSOSEC.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Resource.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\SAVE.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInTray.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00440_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_03.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR48F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART8.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePage.html 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MUOPTIN.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\jsprofilerui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107262.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jayapura 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-visual.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\management\snmp.acl.template 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382968.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.actionProvider.exsd 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\trusted.libraries 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\brx\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libstl_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\COMPASS\THMBNAIL.PNG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Document Parts\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.ID.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGSIDEBRV.XML 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\nl.pak 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-left.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382925.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15170_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\OUTEX.ECF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\be.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15018_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SegoeChess.ttf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0157995.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Hermosillo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01060_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02115_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPreviewTemplateRTL.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Araguaina 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Hermosillo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0240157.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_sun.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Memo.emf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh89 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guatemala 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Macau 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00343_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187837.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR42F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\OOFS.ICO 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\sq.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\instrument.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\launcher.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105230.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ca.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\US_export_policy.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sv\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down_BIDI.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\engphon.env 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Essential.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\AWARDHM.POC 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\Triedit\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Enderbury 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00045_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151581.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_Country.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSClientManifest.man 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGACCBOX.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_specialocc_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EssentialResume.dotx 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffffff_256x240.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_av1_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_hover.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\APIFile_8.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03339_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00350_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01839_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Iqaluit 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Oriel.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATHEDITOR.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Essential.thmx 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00932_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR7F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RSSITEMS.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmiregistry.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\javaws.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_view.html 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.fr\Proof.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00648_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00241_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\lv.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107488.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ct.sym 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086432.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03241_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB3B.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PROG98.POC 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Wrinkled_Paper.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Malta 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00525_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152876.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187817.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Costa_Rica 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01545_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\CLIPART\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InkWatson.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216153.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Austin.thmx 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\setup_wm.exe 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_videoinset.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RESENDL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GFX.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\AddToViewArrowMask.bmp 3697516955.exe File opened for modification C:\Program Files\7-Zip\7-zip.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsfin.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\release 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\HST10 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libball_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileOffMask.bmp 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+11 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\reflow.api 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.TTS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00911_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR49F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\Synchronization.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Lagos 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00161_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200273.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Technic.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECURE.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SENDTO.DLL 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\sd\jamendo.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099171.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196110.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14983_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WSSFilesToolIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessData.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\classes.jsa 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-heapwalker.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dubai 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00513_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090149.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02055_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ASCIIENG.LNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\ISO690Nmerical.XSL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxwebkit.dll 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sampler.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21527_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.bat 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ulaanbaatar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\WTSP61MS.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SHARING.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\background.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_pressed.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\JUNGLE.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkHandle.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\tools.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EET 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sv\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Wallis 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Metlakatla 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SKY\SKY.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107188.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\currency.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0384888.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00934_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Aspect.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_VelvetRose.gif 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\net.properties 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_TW\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0301076.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIGN.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\keytool.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Oslo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\RADIAL.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105526.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Civic.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\mlib_image.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01734_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoAcq.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD06102_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.shell_0.10.0.v201212101605.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.bidi_0.10.0.v20130327-1442.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00790_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107426.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Krasnoyarsk 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_f6f6f6_1x400.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libedgedetection_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\JOURNAL.INF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui_4.0.100.v20140401-0608.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Fakaofo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107516.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18245_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR20F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBORDER.DPV 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist_jstree.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REMOTES.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.SharePoint.BusinessData.Administration.Client.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\cs.pak 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Chihuahua 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Damascus 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEERR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14755_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\DADSHIRT.HTM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench_1.1.0.v20140512-1820.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadox.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Perspective.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18206_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18251_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSOUC_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\AD.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.ComponentModel.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\MST7 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsita.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\info.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ENVELOPE.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrcommonlm.dat 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOUTL.OLB 3697516955.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft.Office.InfoPath.targets 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\rtscom.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0217262.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18244_.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\sk.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Tripoli 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Windhoek 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Management.Instrumentation.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_gu.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341551.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00476_.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107734.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\PASSWORD.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.swf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0149018.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nipigon 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+3 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Istanbul 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONELEV.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR46B.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_hu.jar 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\networkinspection.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse_2.1.200.v20140512-1650.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Bermuda 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Minsk 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\removed-files 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_snow.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\bod_r.TTF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105232.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239941.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090027.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185790.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\PAB.SAM 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libhttp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_TW.properties 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LEVEL\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01639_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187839.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00255_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ACCESS12.ACC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RECS.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-nodes.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGLINACC.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fr.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\day-of-week-16.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MUAUTH.CAB 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN102.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MARQUEE.POC 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Los_Angeles 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-desk.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_hov.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_few-showers.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR22F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR30F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierWindowMask.bmp 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLYER11.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENVHM.POC 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogoDev.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Gambier 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105336.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107282.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Equity.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BlackRectangle.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Almaty 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\http.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tl.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\AFTRNOON.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Issues.accdt 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libaddonsvorepository_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Oarpmany.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PSRCHLEX.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileOff.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dubai 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\content-types.properties 3697516955.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\MessageAttachmentIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_hov.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-background.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\libvlc.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_a52_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Peacock.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02094_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00095_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked-loading.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Karachi 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Rio_Gallegos 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface_3.10.1.v20140813-1009.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIBUtils.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106208.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01330_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange.css 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msado21.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBHD.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL022.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EDGE\EDGE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ie9props.propdesc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00669_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107512.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSCOL11.PPD 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04195_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_sun.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Roses.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086426.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187849.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\FSTOCK.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Andorra 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATERMAR\WATERMAR.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14532_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21435_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsFormTemplate.html 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedbck2.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Miquelon 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\liveleak.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00247_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21370_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONINTL.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\OmdBase.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_settings.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Montevideo 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SaveAsRTF.api 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Excel.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01176_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0336075.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR2F.GIF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_100_percent.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\setup_wm.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107302.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_right.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-actions.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhds_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SHOW_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14754_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME38.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.BusinessData.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.configuration_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Monrovia 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsBrowserUpgrade.html 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-changjei.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATERMAR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsFormTemplateRTL.html 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Belgrade 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\networkinspection.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\zipfs.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_hevc_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_super.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_am.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01566_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18212_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\pushplaysubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfontj2d.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\core_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\glow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00965_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCHDRESN.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\WHOOSH.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGDOTS.DPV 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_right.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libcaca_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0234266.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7FR.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\WindowsAccessBridge-64.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\http\requests\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\micaut.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqlxmlx.rll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME27.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\CircleIconsMask.bmp 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipscsy.xml 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\eula.rtf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\README.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\create_stream.html 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\scenesscroll.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmad_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00145_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01196_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\BUSINESS.ONE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_snow.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\mr.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticattribute.exsd 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libskiptags_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\QuickTime.mpp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid.gif 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libgoom_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309567.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jar.exe 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\SetupMetrics\20201028183641.pma 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Moncton 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hovd 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\platform.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21299_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.ComponentModel.DataAnnotations.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLED.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0235241.WMF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\tr.pak 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_pwa_launcher.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net_1.2.200.v20120807-0927.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_pitch_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\gui\libskins2_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19695_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287408.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02746G.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right_disable.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_docked.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10358_.GIF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jdwpTransport.h 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libtextst_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\THANKS.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.Office.Tools.v9.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099205.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\mng.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232171.WMF 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RICEPAPR\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02116_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143754.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15184_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CHECKER.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\rmiregistry.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00126_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Trek.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR38F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REMOTE.CFG 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Dotted_Lines.emf 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\init.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0212701.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\jfxrt.jar 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0332364.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FORM.JS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\RTF_BOLD.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_LinkDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CET 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Luxembourg 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143752.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALSO11.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpenc.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_cs.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Groove.en-us\GrooveMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099150.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15277_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CharSetTable.chr 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\WMPMediaSharing.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-dock.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\sv.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02356_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\CircleIcons.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)alertIcon.png 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\npvlc.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185806.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\11.png 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Net.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_bezel.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18255_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLLIBR.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESNL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Wordcnv.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Gibraltar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_pt_BR.properties 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libvc1_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_120.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\9.0\helpmap.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CRANINST.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR14F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\EMAIL.DPV 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msado25.tlb 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jakarta 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_orange.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01751_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18236_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14793_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\index.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDCNCLS.ICO 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ckb\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kuching 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SC_Reader.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02024_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Seyes.emf 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Publisher.en-us\PublisherMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00720_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02067_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Nicosia 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp_3.6.300.v20140407-1855.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libsepia_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02092_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\ACWZDAT12.ACCDU 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jconsole.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Desktop.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\iedvtool.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\CHIMES.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_On.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\chapters-static.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Saipan 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ml\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\connectionmanager_dmr.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_win7.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\WSS\107.accdt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\1047x576black.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215076.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePageScript.js 3697516955.exe File created C:\Program Files\Java\jre7\lib\security\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\sRGB.pf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200183.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ContemporaryPhotoAlbum.potx 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WNTER_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_underline.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287641.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\classlist 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR39F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Cordoba 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01747_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_VelvetRose.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSPUB.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02417U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18238_.WMF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\de\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187815.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEREP.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msmdlocal.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msolui100.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0222021.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME35.CSS 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Analysis Services\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sw.pak 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msador15.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-execution.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Caracas 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.Adapter.dll 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\va.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mouseout.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Filters\odffilt.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdatt.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00998_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LINEACT.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_48.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Vancouver 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_VideoInset.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\hprof-16.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Apia 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\mshwLatin.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Grid.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\PicturesToolIconImagesMask.bmp 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Mazatlan 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePageSlice.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOHEV.DLL 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0301432.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02390_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_h.png 3697516955.exe File created C:\Program Files\Windows NT\TableTextService\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-javahelp.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Beirut 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Apex.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Opulent.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.servlet_1.1.500.v20140318-1755.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Darwin 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcrystalhd_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\vlc.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02187_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME34.CSS 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\title_stripe.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macHandle.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgaussianblur_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADVZIP.DIC 3697516955.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jni.h 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MAPISHELLR.DLL 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_settings.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateHelper.msi 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107308.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00389_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01149_.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_floating.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CHECKBOX.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\profilerinterface.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libgain_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02093_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Person.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VPREVIEW.EXE 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\fa.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBLR6.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00792_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MENU.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\slideShow.js 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Mail\WinMail.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00397_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01657_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGTOC.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Users.accdt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdca_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\deploy.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Wake 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\msvcp140.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\librawaud_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\32.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0175361.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\klist.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hong_Kong 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Amsterdam 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\dummy.luac 3697516955.exe File opened for modification C:\Program Files\Windows Photo Viewer\ImagingEngine.dll 3697516955.exe File created C:\Program Files (x86)\Google\Update\1.3.35.452\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD09194_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239973.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\StarterApplicationDescriptors.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-awt.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightRegular.ttf 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_sun.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199429.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00768_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199036.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\settings.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14691_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cancun 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-options-api.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zx______.pfm 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mip.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tunis 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-8 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107722.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21330_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_extended.xml 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\vi.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsnld.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tahiti 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jfxwebkit.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rankin_Inlet 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Omsk 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_fdf5ce_1x400.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\nl.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21337_.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libwall_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\El_Salvador 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sk\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_s.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\InkObj.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04385_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Austin.xml 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msado26.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REPLTMPL.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\SplashImage.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_hail.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.DEV.HXS 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdirectory_demux_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\gadget.xml 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLENDS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\EMAIL11.POC 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\javaws.policy 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\new-trigger-wiz.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\dt_socket.dll 3697516955.exe File created C:\Program Files (x86)\Windows Portable Devices\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssLogo.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\maintenanceservice.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libvoc_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01138_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Austin.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR50F.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft SQL Server Compact Edition\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jpeg.dll 3697516955.exe File opened for modification C:\Program Files\RestoreRevoke.kix 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200377.WMF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00687_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00640_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.DEV_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7FR.DLL 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\15.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14790_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MAPIPH.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\sidebar.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libh26x_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18191_.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_windy.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\es\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Hardcover.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_REVIEW.XSN 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\id.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115864.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_rgb6.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.h 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroSign.prc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00923_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\MCIMPP.mpp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341557.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\DLGSETP.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_flyout.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Juneau 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00728_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ADD.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qyzylorda 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\navBack.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmc.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.policy 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\library.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00105_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10308_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\TYPE.WAV 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Dot.png 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-filesystem-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\eqnedt32.exe.manifest 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01172_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\Groove Starter Template.xsn 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_GreenTea.gif 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ExecutiveResume.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AssemblyInfoInternal.zip 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGMGPUOptIn.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLN.PPT 3697516955.exe File opened for modification C:\Program Files\7-Zip\Uninstall.exe 3697516955.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195248.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239935.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02270_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\BHOINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCINFO.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Davis 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Zaporozhye 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\PST8PDT 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\bg_sidebar.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RIPPLE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0174315.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Puerto_Rico 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kolkata 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0182689.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\EmptyDatabase.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.logging_1.1.1.v201101211721.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql70.xsl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\CalendarToolIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup-impl.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01491_.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\codec\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SATIN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0282126.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00417_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\tipresx.dll.mui 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Journal\NBDoc.DLL 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00685_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00555_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02756U.BMP 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-multitabs.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_right.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\1033\OFFICE10.MML 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_es-419.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0229389.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactLow.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-progress-ui.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ne\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\pa\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Accessibility.api 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\sqmapi.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14528_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCHDREST.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_On.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\PublicAssemblies\extensibility.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00367_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Tasks.accdt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\eclipse.inf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.service.exsd 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00078_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Hierarchy.xsl 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\PROOF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Magadan 3697516955.exe File created C:\Program Files\Windows Journal\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00479_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\splash.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\St_Johns 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_is.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\OUTDR_01.MID 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\license.html 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL044.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PPTICO.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-vertical.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fi.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Journal\jnwppr.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-2 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Port-au-Prince 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\WET 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_realrtsp_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185828.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21326_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Process Library.fdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-explorer.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia_Banderas 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kabul 3697516955.exe File created C:\Program Files (x86)\Internet Explorer\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_iw.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01293_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01750_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EssentialReport.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TAIL.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiling.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libmarq_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00705_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293240.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Groove.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_rest.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-views.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Slipstream.thmx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net_1.2.200.v20140124-2013.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME37.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\AdjacencyResume.dotx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\micaut.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sao_Paulo 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tahiti 3697516955.exe File opened for modification C:\Program Files\Windows NT\Accessories\en-US\wordpad.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\3082\MSO.ACL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\SecretST.TTF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\localizedStrings.js 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_email.gif 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01151_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\ActiveTabImage.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Qyzylorda 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02071U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OneNoteSyncPCIntl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_right.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\NETWORK\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\23.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\VBE6EXT.OLB 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Stanley 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\stream_out\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00006_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HM00116_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153508.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18216_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\topnav.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt_0.11.101.v20140818-1343.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_right.png 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01785_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR3F.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsplk.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Jujuy 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\eclipse.inf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105380.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00183_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\OUTEX2.ECF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledbvbs.inc 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-io.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\or\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_mp4_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\21.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\MSB1XTOR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02384_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Toronto 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PPCORE.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\BlackTieNewsletter.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\TimeCard.xltx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_settings.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOCFU.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Pushpin.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECREC.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\InformationIcon.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\24.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00330_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Dawson_Creek 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01179J.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01931J.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\BodyPaneBackground.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN044.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\JUDGESCH.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\Content.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Vienna 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\hr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\flyout.html 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_distributed.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fil.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\libxslt.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04191_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00608_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LABEL98.POC 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgrain_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\+Connect to New Data Source.odc 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1665.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbytools.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jsse.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_chromecast_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239079.WMF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\gu.pak 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\zh-TW.pak 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liboggspots_plugin.dll 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Mail\msoe.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287644.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATH_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_notes-txt-background.png 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Documentation\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_bottom.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_few-showers.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME22.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14654_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLNOTE.FAE 3697516955.exe File opened for modification C:\Program Files\7-Zip\readme.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-border.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02958_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01840_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsVersion1Warning.htm 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\Read_Me.txt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Bucharest 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\javafx.properties 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ro.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\ehshellLogo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR40F.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ne.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\uninstall\shortcuts_log.ini 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_few-showers.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01191_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02453_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Paper.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00135_.GIF 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\ieproxy.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02269_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_cloudy.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\Alphabet.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseout.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Adjacency.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21518_.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\uk\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\server\jvm.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libvpx_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmicrodns_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ENVELOPR.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\mpvis.dll.mui 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad.xml 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\HWRCustomization\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BZCARD11.POC 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR8B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\IPML.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\RTF_BOLD.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\InfoPathOMFormServicesV12\Microsoft.Office.InfoPath.xml 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\activity16v.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Adjacency.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\HEADER.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\lt\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152898.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME25.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR26F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR29F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\PACBELL.NET.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-impl.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boise 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\picturePuzzle.css 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\eula.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Andorra 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnssci.dll.mui 3697516955.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\DELIMDOS.FAE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-attach.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_sun.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledbvbs.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200521.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02282_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01560_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FORM.ICO 3697516955.exe File created C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\SETLANG_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106146.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\POSTCARD.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\setup_wm.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\w2k_lsa_auth.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21301_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\jvm.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Detroit 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-ui.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00077_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309920.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipscht.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_bottom.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\pagecurl.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\flavormap.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18181_.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfont.properties.ja 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Rome 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx264_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME53.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNote.ini 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\RECALL.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Broken_Hill 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kiritimati 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CUPINST.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21423_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15035_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\ktab.exe 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\ShadesOfBlue.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-uisupport.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\atl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Bold.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PAPYRUS\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLV.DOC 3697516955.exe File opened for modification C:\Program Files\7-Zip\7zG.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\ColleagueImport.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-lib-uihandler.xml_hidden 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Orange Circles.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107358.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Couture.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OMSMAIN.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_matte.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-text.xml 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proofing.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlcecompact35.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app_1.0.300.v20140228-1829.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_TexturedBlue.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BRCHUR11.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIGNHM.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\RE00006_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_ja.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\mozglue.dll 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105384.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14883_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\XLSLICER.DLL 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Pyongyang 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator_3.3.300.v20140518-1928.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Indianapolis 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\appletrailers.luac 3697516955.exe File created C:\Program Files\Windows Journal\Templates\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\UCT 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\InfoPath.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18242_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\FAXEXT.ECF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\awt.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_settings.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00623_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21332_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OEMPRINT.CAT 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_left.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl-hot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\IETAG.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00390_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00726_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21303_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1655.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_photo_Thumbnail.bmp 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\toc.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.RSD 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psuser.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0294989.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01240_.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_dot.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\schemagen.exe 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1250.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Shared24x24ImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\apt.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaw.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdaremr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105292.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03466_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\VBAOWS10.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LTHD11.POC 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Istanbul 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsmb_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01006_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKACCL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDisableDownArrow.jpg 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\hi.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_udp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00122_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.DEV.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\SUBMIT.JS 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libbluray-j2se-1.0.2.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-output2.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152590.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-delete.avi 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-services.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcs.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105294.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0182902.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0182946.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\TALK21.COM.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\alt-rt.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01658_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188511.WMF 3697516955.exe File created C:\Program Files\Common Files\System\msadc\en-US\Read_Me.txt 3697516955.exe File created C:\Program Files\WindowsPowerShell\Configuration\Registration\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Internet Explorer\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02748G.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passportcover.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\4.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Median.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\GB.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\slideshow_glass_frame.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnPPT.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145373.JPG 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\elevation_service.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\InkDiv.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0150861.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00168_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME49.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageMaskSmall.bmp 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\swiftshader\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ir.idl 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Google\CrashReports\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02407_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\COUPLER.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\SalesReport.xltx 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Memo.jtp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0384900.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.DEV_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL097.XML 3697516955.exe File opened for modification C:\Program Files\7-Zip\7zFM.exe 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18243_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR46F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceca35.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_h.png 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.Contract.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libudp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.ES.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_foggy.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\selection_subpicture.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01242_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\PUSH.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-options.xml_hidden 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Apothecary.eftx 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.json 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\LightSpirit.css 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-back-static.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187895.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215718.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-heapdump.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-threaddump.xml 3697516955.exe File created C:\Program Files\Mozilla Firefox\defaults\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\liblive555_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_pressed.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099159.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382970.JPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LETTHEAD.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\cue.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\MSB1CORE.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152698.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_FormsHomePageBlank.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\SessionOwner.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanMergeLetter.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thunder_Bay 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\micaut.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javac.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ho_Chi_Minh 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jli.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Costa_Rica 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Athens 3697516955.exe File created C:\Program Files\Common Files\System\ado\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-processthreads-l1-1-1.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libttml_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACEDAO.DLL 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\http\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\pl.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-iio.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Krasnoyarsk 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text_3.5.300.v20130515-1451.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libzvbi_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0300912.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Northwind.accdt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_select-highlight.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Paris 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libvnc_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00268_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBCAL.XML 3697516955.exe File created C:\Program Files (x86)\Windows Media Player\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cambridge_Bay 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_foggy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00448_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PPTIRMV.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\GRAY.pf 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\rt.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_BR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libadjust_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19827_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02755U.BMP 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_SelectionSubpicture.png 3697516955.exe File created C:\Program Files\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Document Parts\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\accessibility.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yekaterinburg 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\tesselate.x3d 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CATWIZ.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NAVBARV.POC 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdaprst.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\uninstall.log 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\WMPDMCCore.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\settings.css 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\java.policy 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099181.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR49F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.HLP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03459_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactHigh.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00248_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME-JAVAFX.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\http\dialogs\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\softokn3.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d11_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00174_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Newsprint.eftx 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\notification_helper.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SplashScreen.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\eula.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Port-au-Prince 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_ja.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdaterInstallMgr.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00172_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115842.GIF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\lv.pak 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\calendar.js 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.jpg 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\cpu.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MpCommu.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_thunderstorm.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\MSMAPI\1033\MSMAPI32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MIMEDIR.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jsadebugd.exe 3697516955.exe File opened for modification C:\Program Files\Windows NT\Accessories\wordpad.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SONORA\SONORA.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_left.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGZIP.DPV 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-util.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ko\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_right.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME55.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\help.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.en-us\Office64MUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215070.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02134_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Zurich 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_disabled.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02287_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21296_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\OneNote\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jakarta 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ps_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRINTL32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR00.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSLIST.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\JUDGESCH.HTM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssvagent.exe 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\fonts\TwemojiMozilla.ttf 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSSOAP30.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SlateBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\swiftshader\libGLESv2.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Winnipeg 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATERMAR\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\xmlrw.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02097_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03011U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152882.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Paramaribo 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\license.html 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\am.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui_5.5.0.165303.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ta\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0238983.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0250504.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR28F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\Filters.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_few-showers.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-attach.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216612.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293828.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\booklist.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mac.css 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\qipcap64.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ckb\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_output\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcanvas_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_QuickLaunch.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Half.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\mainscroll.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\STORYBB.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD06200_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Funafuti 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TextConv\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ADO210.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\SmartTagInstall.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0090386.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18187_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\currency.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\local_policy.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx26410b_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_few-showers.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BREEZE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02166_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console_1.0.300.v20131113-1212.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00049_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Apex.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15136_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\MSVCR71.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_2.emf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00034_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03464_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02252_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GRAPH.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\background.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\symbol.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198372.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287417.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03453_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerConstraints.exsd 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR5F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\attention.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\form_edit.js 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\FlickAnimation.avi 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7ES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\PersonalMonthlyBudget.xltx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105282.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\ieinstal.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.attributeTransformation.exsd 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\boot_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SLATE\SLATE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00455_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_10.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18234_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.JP.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl.bat 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.rcp_4.3.100.v20141007-2301.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOCFUIUTILITIESDLL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\21.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10301_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\StarterNotificationDescriptors.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_extractor\libarchive_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HTECH_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0337280.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\he\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\zdingbat.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadce.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKDECL.ICO 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\en-US.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195254.WMF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\lv\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\updater.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0212299.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_hov.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_rightarrow.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CST6CDT 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_flyout.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\slideshow_glass_frame.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198021.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Median.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AUDIOSEARCHSAPIFE.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guatemala 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7cm_fr.dub 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL058.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_highlights_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Baghdad 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+6 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tallinn 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00269_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONFILTER.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02291U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\TAB_ON.GIF 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Technic.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0240695.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RESENDS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-desk.png 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\tet\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01572_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLPH.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-oql.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_docked.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Uzhgorod 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\PhotoAcq.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0216588.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Generic.gif 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\bg\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Journal\en-US\jnwdui.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387882.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Casual.gif 3697516955.exe File created C:\Program Files (x86)\Windows Photo Viewer\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll 3697516955.exe File opened for modification C:\Program Files\Windows Defender\en-US\MpEvMsg.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\ENUtxt.pdf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00171_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Louisville 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Grid.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Earthy.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\AddIns.store 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EAST_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01627_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01590_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONTAB32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Center 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099151.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01568_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ContactPickerIntl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME15.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-application.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-2.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Adobe.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javafxpackager.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Journal\en-US\MSPVWCTL.DLL.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115867.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR3F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL002.XML 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\da.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0386267.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_cloudy.png 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\DiagnosticsTap.dll 3697516955.exe File opened for modification C:\Program Files\SplitExport.avi 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145707.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00433_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE05869_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Premium.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7cm_en.dub 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg_orange.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21310_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\SNEEZE.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_win.css 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yekaterinburg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382960.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18227_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt_0.12.1.v20140903-1023.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Groove.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BROCHURE.XML 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\THOCR.PSP 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-actions.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\toc.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\audio_filter\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hi.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Msgbox.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\PYCC.pf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPTSFrame.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LEVEL\LEVEL.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02106_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EST5EDT 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Galapagos 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_left.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLRPC.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Fiji 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUISet.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309480.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10302_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VeriSign_Class_3_Public_Primary_CA.cer 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yakutsk 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pencht.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00388_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLYERHM.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_over.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)notConnectedStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PICCAP98.POC 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libnfs_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\desktop.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\DefaultBlackAndWhite.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeUpdater.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\StatusOnline.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+4 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Moncton 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0211949.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IPDESIGN.DLL 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\hr.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ACERECR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01470_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21433_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CERT.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanReport.Dotx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099175.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382944.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00166_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALSO98.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Activities.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-over-select.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\weather.js 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Tell_City 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\uninstall.exe 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Journal.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0324694.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Metro.eftx 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Stationery\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jawt.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\en-US\TableTextService.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_120.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7TSFrame.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+12 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10264_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\policytool.exe 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02743G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_flyout.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Moscow 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01174_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Concourse.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\11.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AXSLE.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-settings.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\splashscreen.dll 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Runtime.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\REFINED\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02201_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.DEV_COL.HXC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.registry_1.1.300.v20130402-1529.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\SIST02.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\SETLANG_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\US_export_policy.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01216_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00438_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107132.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE01661_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21305_.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnOL.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pl.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-execution.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-common.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\HEADER.GIF 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmlaunch.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106222.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297757.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\ChessIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Atikokan 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\MST7MDT 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\REFINED\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msxactps.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\Install\{ED12A50C-ADCB-4FB6-B0B7-713544A9D99B}\86.0.4240.111_chrome_installer.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198226.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.DirectoryServices.AccountManagement.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0297551.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-core.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_CN.properties 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Marquesas 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\00_musicbrainz.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02829J.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\pack200.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Stock Quotes.iqy 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPNSSUI.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART15.BDR 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\mainimage-mask.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFSigQFormalRep.pdf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21333_.GIF 3697516955.exe File created C:\Program Files (x86)\Mozilla Maintenance Service\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsFormsIntegration.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153313.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02749U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_disabled.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\high-contrast.css 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-timezone-l1-1-0.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382962.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21334_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.DEV_COL.HXT 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-static.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Yellowknife 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15072_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21495_.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_rgb.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107300.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00837_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATHEDITOR_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME52.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\ssv.dll 3697516955.exe File created C:\Program Files\Internet Explorer\SIGNUP\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NavigationButtonSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\artifacts.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-api.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101980.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\excel.exe.manifest 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL089.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLJRNLR.FAE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jli.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Monterrey 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql90.xsl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME20.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\XmlFile.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jconsole.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\zip.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\IPDSINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\Xlate_Complete.xsn 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ENGLISH.LNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\LightSpirit.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TWCUTLIN.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01039_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10300_.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\mux\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Adak 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\pl.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-modules-appui.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\te\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libwave_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Defender\en-US\MsMpRes.dll.mui 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceArray.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143746.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-progress-ui.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_rest.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\GMT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15276_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.DEV_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\RADAR.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Abidjan 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.servlet_8.1.14.v20131031.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-options.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Outlook.en-us\OutlookMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FALL_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239967.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerActionExceptionHandlers.exsd 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground.wmv 3697516955.exe File opened for modification C:\Program Files\ExitPing.vstx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Checkers.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090087.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\mk.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\DESIGNER\MSADDNDR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152608.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02293_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL077.XML 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.console_1.1.0.v20140131-1639.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)notConnectedStateIcon.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PIXEL\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL075.XML 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_48.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0299763.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\ij 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_zh_CN.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tarawa 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\AdobeID.pdf 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\TURKISH.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLENDS\BLENDS.INF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\handler.reg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00208_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IEContentService.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSRTEDIT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216874.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-charts.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_increaseindent.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Pontianak 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msaddsr.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME51.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\PersonalContact.ico 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libaiff_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Elemental.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\Microsoft.Office.Infopath.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiBold.ttf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dushanbe 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)notConnectedStateIcon.png 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe\Updater6\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196060.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Thatch.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Tasks.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Casey 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART12.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\MDIParent.zip 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-10 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285822.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_partstyle.css 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\libGLESv2.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libimem_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105600.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115839.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\WANS.NET.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\button.gif 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_h.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\rt3d.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00435_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107728.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\BlackTieLetter.dotx 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Custom.propdesc 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\JAWTAccessBridge-64.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_10_p010_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseover.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00186_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02369_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Urumqi 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\ED00019_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107138.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TabIpsps.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation_1.2.100.v20131119-0908.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR33B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\LOCALDV.DLL 3697516955.exe File created C:\Program Files\DVD Maker\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107502.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\BG_ADOBE.GIF 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.es\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack200.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+11 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ml\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pe.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\OneNote.en-us\OneNoteMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLN.XLS 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipskor.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libamem_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLAPPTR.FAE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_shmem.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rightnav.gif 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnetwk.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105240.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105280.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01239_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePageSlice.gif 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.filesystem_1.4.100.v20140514-1614.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-stdio-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\vcruntime140.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdate.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR7B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSGR3ES.LEX 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.contenttype_3.4.200.v20140207-1251.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\STSCOPY.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Lord_Howe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199609.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7ES.dub 3697516955.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-ui.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_streams.luac 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Uzhgorod 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSOUC.HXS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\deployJava1.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Bishkek 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Niue 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubsusf_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Photo Viewer\PhotoViewer.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\CAGCAT10.MMW 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\meta-index 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-next-static.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Sofia 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AXIS\AXIS.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382969.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0400001.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanResume.Dotx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsen.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_snow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MOR6INT.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\EST5EDT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-tabcontrol.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegaudio_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101867.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTBOX.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\tab_off.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN089.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\cpu.js 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialmainsubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.DEV_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll 3697516955.exe File opened for modification C:\Program Files\Windows Journal\NBMapTIP.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Shades of Blue.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECHO\ECHO.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04326_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01058_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB11.BDR 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-previous-static.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\RSPMECH.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00242_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.sig 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\REFINED\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_OliveGreen.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\background.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME-JAVAFX.txt 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\F12Tools.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00683_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WING1.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\info.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\background.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107514.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18225_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR43F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\EMAILMOD.POC 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_LinkNoDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IPIRM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00610_.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_few-showers.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATHEDITOR_K_COL.HXK 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dili 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup.xml 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Waveform.thmx 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\youtube.crx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Resolute 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libadaptive_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099178.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00532_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CONTACT.CFG 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ja.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_18_b81900_40x40.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\flyout.css 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\eBook.api 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thule 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_splitter\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFPrevHndlr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00364_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01299_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jfxmedia.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-api.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0238927.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SAFRI_01.MID 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_ko.properties 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\az\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\PROOF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382955.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01748_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPDMCCore.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_docked.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\lt.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105490.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PULLQUOTEBB.DPV 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblendbench_plugin.dll 3697516955.exe File opened for modification C:\Program Files\7-Zip\License.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libstereo_widen_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_hail.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_super.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\1033\MCABOUT.HTM 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.dll 3697516955.exe File created C:\Program Files\Common Files\System\ado\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.DirectoryServices.AccountManagement.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaps.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0211981.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FORM.JS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\2 Right.accdt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_rainy.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+10 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ComponentModel.DataAnnotations.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME41.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-multitabs.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_same_reviewers.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15056_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGREPFRM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\SEAMARBL.HTM 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InputPersonalization.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\ij.bat 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Simferopol 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-9 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Currency Rates.iqy 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Beulah 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\omni.ja 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\ReadMe.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECURS.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-oql.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\.lock 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libscte27_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\BLANK.ONE 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-uisupport.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153265.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\+NewSQLServerConnection.odc 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\VGX\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00578_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02039U.BMP 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861261279.profile.gz 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_1.emf 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libaddonsfsstorage_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libglwin32_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090777.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00395_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.TH.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\HEADINGBB.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_snow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME36.CSS 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\5.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_initiator.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099191.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0177806.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGHEADING.XML 3697516955.exe File created C:\Program Files (x86)\Read_Me.txt 3697516955.exe File created C:\Program Files\Mozilla Firefox\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh.htm 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-api-caching.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\HST 3697516955.exe File created C:\Program Files\Windows Defender\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\promointl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101859.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00152_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00910_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02075_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.IT.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN108.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB5A.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport.wmv 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\uninstall\uninstall.log 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15301_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT_COL.HXC 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_VideoInset.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\DefaultID.pdf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\1033\EEINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ESEN\WT61ES.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14516_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsBlankPage.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\msvcr100.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\PDXFile_8.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00373_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONENOTE_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\ContactSelector.ico 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_content-background.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\COPYING.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\rtscom.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-queries.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\en-US\msader15.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01146_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\1036\MSGR3FR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7ES.LEX 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadco.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\minidump-analyzer.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME29.CSS 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\settings.css 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00076_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285782.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv 3697516955.exe File created C:\Program Files\Windows NT\Accessories\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_dot.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPSideShowGadget.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SKY\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01852_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Document.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FORM98.POC 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\rjmx.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ENES\MSB1ENES.ITS 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\dt.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\System\ado\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadrh15.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00110_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\ISO690.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\MedianMergeFax.Dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_ko.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107364.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200163.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL109.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-favorites.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\Words.pdf 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Real.mpp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185818.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00917_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBBTN.DPV 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\14.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\InfoPath.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR9F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Groove.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ef8c08_256x240.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02886_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GIFT.DPV 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153514.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_LightSpirit.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EssentialMergeLetter.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Managua 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US\msinfo32.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341654.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaTypewriterBold.ttf 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_es.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145879.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Grid.eftx 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)greenStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MsMpCom.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\asl-v20.txt 3697516955.exe File opened for modification C:\Program Files\MoveEnter.svg 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STRTEDGE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099190.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143758.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Installed_resources14.xss 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Marquesas 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TWCUTCHR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AboutBox.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FrameworkList.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7ES.LEX 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\servertool.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Tegucigalpa 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_thunderstorm.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Apothecary.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Slipstream.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\TAB_OFF.GIF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0149481.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.hyp 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ckb\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Xml.Linq.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Palmer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_mid.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\15x15dot.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\mr.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RIPPLE\RIPPLE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR21F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSPST32.DLL 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh88 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01154_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL103.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\1.png 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\jsdbgui.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\validation.js 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs_5.5.0.165303.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_browse.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\LoginTool24x24Images.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yerevan 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Budapest 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2launcher.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152878.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-previous-static.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Volgograd 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libmosaic_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00957_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msaddsr.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Track Issues.fdt 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\resources\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\QP.DPV 3697516955.exe File opened for modification C:\Program Files\7-Zip\7-zip.chm 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-sendopts.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Shanghai 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD10972_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Adjacency.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\BriefcaseIconMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\BOMB.WAV 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\6.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN086.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Amman 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Mexico_City 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santiago 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libcaf_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_dot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LEVEL\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DissolveNoise.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01296_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21505_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME17.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OLKFSTUB.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090089.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\java.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Chisinau 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Tallinn 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\46.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_hail.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21413_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME54.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-outline.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN011.XML 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DigitalInk.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.jdp_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-cli.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\logging.properties 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Godthab 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SKY\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ar.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239997.WMF 3697516955.exe File created C:\Program Files\Common Files\System\Ole DB\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_left.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBSBR.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\BlackTieMergeLetter.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayenne 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE05870_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\CreateSpaceImage.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_right.png 3697516955.exe File created C:\Program Files\Java\jre7\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\chrome_proxy.exe 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02288_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REMOTEL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NAVBRPH2.POC 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00438_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107154.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DISTLSTL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\oisctrl.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.svg_1.1.0.v201011041433.jar 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ml.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssv.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Thule 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ca.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00074_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01253_.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_High.jpg 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-charts.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dhaka 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Maldives 3697516955.exe File opened for modification C:\Program Files\Java\jre7\README.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-highlight.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libprefetch_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Publisher.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Groove.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0148798.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.AddInManager.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_settings.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libnetsync_plugin.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ug\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0233512.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00809_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115834.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\SHOVEL.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OriginLetter.Dotx 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\pl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\simplexml.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0090070.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Newsprint.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIconSubpi.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\npdeployJava1.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Novosibirsk 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00165_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14677_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\license.html 3697516955.exe File created C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_bottom.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0313896.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285698.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsPreviewTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt_0.12.100.v20140530-1436.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Scoresbysund 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-11 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-conio-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mousedown.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02439_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00444_.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Defender\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\ContentDirectory.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153516.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02074_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Aspect.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PULLQUOTEBB.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Mawson 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santa_Isabel 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10O.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198025.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\THIRDPARTYLICENSEREADME.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\skin.dtd 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_01.MID 3697516955.exe File created C:\Program Files (x86)\Windows NT\TableTextService\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_rest.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tbilisi 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Algiers 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Bears.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00918_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\38.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\trusted.libraries 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Marengo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CNFNOT32.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-windows.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Creston 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\audio_output\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfreeze_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CONCRETE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSLISTI.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right_over.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-io-ui.xml_hidden 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\msaccess.exe.manifest 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin_2.0.100.v20131209-2144.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jvm.lib 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\35.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\deploy.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-modules-appui.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-tools.xml 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Genko_2.jtp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0297707.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\utilityfunctions.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Library\Analysis\FUNCRES.XLAM 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_Off.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\orbd.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nipigon 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BOLDSTRI\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02446_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143750.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qatar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OFFXML.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN110.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Status.accft 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105710.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD09031_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\1 Top.accdt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\VSTAProjectUI.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Samarkand 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Boise 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Vancouver 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CMNTY_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_hyperlink.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_videoinset.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\librtp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwasapi_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Outlook.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0186346.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02074U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00221_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqlxmlx.rll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_75_ffe45c_1x100.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ogg_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Peacock.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\QUAD.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_lv.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0160590.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_CN\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_record_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MpRTP.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00004_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01221K.JPG 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\White_Chocolate.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-dialogs.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00914_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ZoomIcons.jpg 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_zh_CN.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01181_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02028K.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\INCOMING.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\wabimp.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-4 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0157167.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0300862.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01462_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01468_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\INFOML.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\MedianFax.Dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\management.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ProjectStatusReport.potx 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\handler.reg 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeLinguistic.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\MyriadCAD.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0233312.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Components\SignedComponents.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7EN.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Qatar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ug\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBUI6.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341634.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR5F.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\SessionMember.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MORPH9.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\ResourceInternal.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Auto.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00453_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FINCL_02.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382942.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\an.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application-views.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\LICLUA.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00452_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0252349.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18218_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\OliveGreen.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR34F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCallbacks.h 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OSPP.VBS 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\FlickLearningWizard.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tokyo 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nome 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\LAUNCH.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\gl.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105320.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\library.js 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\numbase.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\drag.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqloledb.rll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00126_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BZCARDHM.POC 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\javacpl.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01563_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.DEV_COL.HXC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santarem 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\cs\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107344.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02405_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePageBlank.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rio_Branco 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libwinhibit_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04196_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrenalm.dat 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\PublicAssemblies\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_nl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfo.zip 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpsychedelic_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\42.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152432.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0286034.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14530_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_down.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\logger\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACERCLR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SPRING\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099145.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\validation.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\kinit.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\orbd.exe 3697516955.exe File created C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cs\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll 3697516955.exe File created C:\Program Files\Java\jre7\lib\management\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_lg.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04355_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00413_.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-dock.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-V 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02298_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18189_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NL7Lexicons0011.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Seoul 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Azores 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8PDT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher_1.3.0.v20140911-0143.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\JOURNAL.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01064_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\EMSMDB32.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_es.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata_2.2.0.v20131211-1531.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Juan 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_pressed.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\pidgenx.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00779_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Sakhalin 3697516955.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\calendar.html 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATER\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382967.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02404_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Metro.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\babypink.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00525_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OriginMergeFax.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sampler.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromaprint_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EVRGREEN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HM00114_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE01191_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR49B.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\audiodepthconverter.ax 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcf.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00352_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\sr-spc.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\35.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00197_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_SlateBlue.gif 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_copy_plugin.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\15x15dot.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-core-kit.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jawt.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-middle.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_left.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fi.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\delete.avi 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR23F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\ChessIconImages.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00172_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\Wkconv.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_100_eeeeee_1x100.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\cpu.js 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-nodes_zh_CN.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00673L.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GreenTea.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18252_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ExecutiveLetter.dotx 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\D3DCompiler_47.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\button-highlight.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\South_Georgia 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\br.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00252_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00538_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143745.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_altgr.xml 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\org-openide-filesystems_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PIXEL\PIXEL.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Premium.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsColorChart.html 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_CopyDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\FLTLDR.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOICONS.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105250.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14757_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\STOPICON.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTVIEW.JPG 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Music.emf 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-disable.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsViewAttachmentIcons.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\hi.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSORES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLENDS\BLENDS.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02053J.JPG 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107314.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONPPTAddin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-loaders.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+3 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\time-span-16.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_m.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Access.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-appui.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\ED00172_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Newsprint.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18226_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jinfo.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Samara 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-heap-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01858_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\tr.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Oslo 3697516955.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\PhotoViewer.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ARFR\MSB1ARFR.ITS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01628_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0251925.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Mask1.png 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdaprsr.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\CST6CDT 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\SYMBOL.TXT 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\DiscussionToolIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msader15.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_hover.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00932_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7db.kic 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\mpvis.DLL 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.Design.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187829.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232797.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\JAVA_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_settings.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00241_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\about.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\20.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382948.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Simple.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.HK.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsnor.xml 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Europe\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RMNSQUE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107152.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199661.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21306_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\ea.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\tab_on.gif 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libscte18_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0292248.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Country.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SCNPST32.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Guam 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0171847.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14997_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\MedianResume.Dotx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsrus.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\smtp.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ia\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\greenStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search5.api 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\create_form.gif 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONGuide.onepkg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\header.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18233_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dushanbe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\keystore\libmemory_keystore_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Opulent.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0298897.WMF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\manifest.json 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Faroe 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down_BIDI.png 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\PICTIM32.FLT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9YDT 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PDDom.api 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.DEV_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSQRY32.CHM 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\images\bing.ico 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodbig.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-util-enumerations.jar 3697516955.exe File created C:\Program Files\Windows Photo Viewer\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\NamedURLs.HxK 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\DiagnosticsTap.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_top.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Lima 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR35F.GIF 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceYi.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_200_percent.pak 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\d3d9\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02740U.BMP 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipBand.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.change_2.10.0.v20140901-1043.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-multiview.xml 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187893.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382959.JPG 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR35B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00289_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\rtscom.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02155_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OSPP.HTM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-sendopts.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\appletviewer.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\java-rmi.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rainy_River 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_PT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libdummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.STD 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-next-static.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECHO\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00174_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185670.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0149627.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\PRODIGY.NET.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.EPS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\MAIL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00014_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Johannesburg 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_foggy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqlxmlx.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CLASSIC2.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Black Tie.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.SemiTrust.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Services\verisign.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGSTORY.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0301418.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\HAMMER.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL095.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\npt.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Macquarie 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_center.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB4.BDR 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadce.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01235U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_Premium.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTORE_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\2 Top.accdt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlcese35.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\3.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198016.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.NO.XML 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libqsv_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145669.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_02.MID 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmiregistry.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-options.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01603_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Adobe.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\XPAGE3C.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\eclipse.inf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00320_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105398.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02262_.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_xml.luac 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\17.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN02122_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePageStyle.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL107.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Taipei 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libasf_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18220_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-spi-quicksearch.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ro\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR48B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\XLMACRO.CHM 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Basic\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.css.sac_1.3.1.v200903091627.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiler.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01434_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00494_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-6 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EDGE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBORDER.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\45.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Chita 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\winamp2.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00351_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Lima 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-snaptracer.jar 3697516955.exe File created C:\Program Files\Java\jre7\lib\jfr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSTORE.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-options.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mauritius 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106958.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_gloss-wave_35_f6a828_500x100.png 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Skins\Revert.wmz 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200467.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\about.html 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AUTHZAX.DLL 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.exe.sig 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00052_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152568.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00629_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285750.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Shades of Blue.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.Design.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01761_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00625_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Solstice.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21339_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\SEAMARBL.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.p2.ui.overridden_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107130.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107350.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0384895.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00671_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21504_.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\GoldRing.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00402_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR29B.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\extcheck.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Caracas 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-javahelp.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcroppadd_plugin.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\curtains.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jre7\lib\ext\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\license.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00057_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02450_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PSRCHLTS.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kwajalein 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_flyout.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ARFR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14656_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RCLRPT.CFG 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\da.pak 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mraut.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\INDUST.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198020.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03224I.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Black Tie.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jvm.hprof.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Godthab 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGAD.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\default.jfc 3697516955.exe File opened for modification C:\Program Files\Windows Journal\en-US\JNTFiltr.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSPPT.OLB 3697516955.exe File created C:\Program Files\Windows Mail\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tehran 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1046\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21390_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledb32r.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_right.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00040_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00152_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7wre_en.dub 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\LICENSE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-editor-mimelookup-impl.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-common.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libvmem_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Photo Viewer\PhotoAcq.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_italic.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\SectionHeading.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_buttongraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\about.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse_1.1.200.v20140414-0825.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN02559_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01838_.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_selectionsubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Port_of_Spain 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\30.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0251007.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0386270.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_fr.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng.hyp 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\iedvtool.dll.mui 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\oledb32r.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Oral 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\pkeyconfig.companion.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00449_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\MessageHistoryIconImages.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_glass.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\content-background.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.ssl_1.1.0.v20140827-1444.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\IA2Marshal.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\acro20.lng 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\weblink.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107494.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0136865.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\rollinghills.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0196374.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\msvcr100.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Dublin 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\he\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\open_original_form.gif 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msado28.tlb 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\t2k.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.properties 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaribsub_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libtwolame_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_120.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Stars.jpg 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382961.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099146.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeXMP.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\OSetupPS.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0093905.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\arrow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_left.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_SelectionSubpicture.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUEPRNT\BLUEPRNT.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FORM.JS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\license.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\VSTARemotingServer.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ur.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01084_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDREQL.ICO 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsjpn.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\43.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\ROGERS.COM.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-4 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\sentinel 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.HOL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Guadalcanal 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core_visualvm.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Petersburg 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\submission_history.gif 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EDGE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153398.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01123_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di_1.0.0.v20140328-2112.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImage.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Library\EUROTOOL.XLAM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKACC.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216600.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_it.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\RSSFeeds.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21481_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_snow.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\uk.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR28B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\ONLINE.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLY98SP.POC 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\meta\reader\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\London 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\xul.dll.sig 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01170_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02464_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN01164_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MOR6INT.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\F12Tools.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OISGRAPH.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\messageboxinfo.ico 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_blu.css 3697516955.exe File opened for modification C:\Program Files\WatchRestart.mov 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LAYERS\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Office Classic.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Shared16x16ImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msxactps.dll 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\sqmapi.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\fontmanager.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zaporozhye 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\main.css 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mshwLatin.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00453_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\INDUST.ELM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cayenne 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0240175.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_increaseindent.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7EN.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBOXES.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-execution.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\2.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-awt.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\RTC.der 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\SDK\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_down.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-ui.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-api-caching.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\view.html 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libwebvtt_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME23.CSS 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\XML2WORD.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)notConnectedStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL104.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\glass.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14869_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21533_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\calendar.js 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdmo_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\PROOF\MSWDS_FR.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CAPSULES\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00308_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)alertIcon.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\wa\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Tulip.jpg 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\klist.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01660_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00530_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00478_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00246_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATHEDITOR_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspeex_resampler_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00938_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR41F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ant-javafx.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-overlay.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Chagos 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CONCRETE\CONCRETE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00159_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21366_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\InfoPathWelcomeImage.jpg 3697516955.exe File opened for modification C:\Program Files\Common Files\System\wab32.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_pt_BR.properties 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_settings.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\38.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\1.7\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_05.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Foundry.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_down.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-plaf.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00935_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCOUPON.DPV 3697516955.exe File created C:\Program Files (x86)\MSBuild\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfxrt.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Noronha 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02091_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Concourse.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR31F.GIF 3697516955.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-core.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ml.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OCRHC.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\spacer_highlights.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-settings.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rainy_River 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Rangoon 3697516955.exe File opened for modification C:\Program Files\JoinResume.dxf 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1258.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_justify.gif 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\adcvbs.inc 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SAEXT.DLL 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\Logo.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.server_8.1.14.v20131031.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\et\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\skchobj.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SUMIPNTG\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IPSEventLogMsg.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTFORM.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME48.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsViewAttachmentIconsMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSGR3FR.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099154.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Jamaica 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198113.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00687_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\tab_on.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\uarrow.gif 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\tl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ReachFramework.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105496.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105912.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\MSSPC.ECF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\SAMPLES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\2.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\about.html 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_th.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02158_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0196164.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dialog.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\4.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\oskmenubase.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)greenStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\setup.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BREEZE\BREEZE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Paper.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kwajalein 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Vilnius 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382963.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGACCBAR.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll.sig 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\3difr.x3d 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Portal\PortalConnectCore.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNote-PipelineConfig.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\TextFile.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-uihandler.xml 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382931.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Solstice.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system.png 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.DataSetExtensions.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\extensions\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-io-ui.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Microsoft.VisualStudio.Tools.Applications.Blueprints.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0299611.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\IMAGE.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ZoomIconsMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\System\ado\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\NETWORK\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239611.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\WindowsMedia.mpp 3697516955.exe File created C:\Program Files\Java\jre7\lib\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN03500_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287018.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\Client.xml 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\ie9props.propdesc 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\JP2KLib.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Composite.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javaws.policy 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\jvm.hprof.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\uz\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\correct.avi 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macTSFrame.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\background.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18209_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Form_StatusImage.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Monaco 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Defender\MpOAV.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21321_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Syowa 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\PNG32.FLT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00190_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ACWIZRC.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_TexturedBlue.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-search.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187861.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196358.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Thatch.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18223_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10290_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME11.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Perspective.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mip.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.Design.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsBlankPage.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\Welcome.html 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Belem 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DigSig.api 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECHO\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.properties.src 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Kerguelen 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back_lrg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21311_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvm.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-visual.xml 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\1.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libvcd_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CERT98.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_h.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Canary 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.ibm.icu_52.1.0.v201404241930.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\is\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libanaglyph_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mousedown.png 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Author2String.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\ORG97.SAM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vincennes 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_standard_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as80.xsl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_right_over.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmlaunch.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\play-static.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-attach.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\zipfs.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02153_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188669.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\BUTTON.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureB.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdxva2_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\logo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ACTIP10.HLP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\sound.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18202_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR43B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DISTLIST.CFG 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledb32.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_ja.jar 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Esl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSO.ACL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Windhoek 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOInstallerUI.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00170_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341742.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18192_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18198_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_GreenTea.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.SemiTrust.xml 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\fi.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NEWS.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmc.ini 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\settings.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00346_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02431_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRAPH_COL.HXC 3697516955.exe File created C:\Program Files\Common Files\SpeechEngines\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\gstreamer-lite.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Executive.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR8F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN109.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer.bat 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FREN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\HandPrints.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.STC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Reunion 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-options_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00443_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsBrowserUpgrade.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\StatusAway.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EquityLetter.Dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EquityResume.Dotx 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogoCanary.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.common_3.6.200.v20130402-1505.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libt140_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00681_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178523.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\MSOSEC.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\CHICAGO.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART10.BDR 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\slideShow.css 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\BASMLA.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14867_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\DADSHIRT.GIF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\nb.pak 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01366_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107266.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185774.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Dialog.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\epl-v10.html 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00120_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0304405.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\DELIMR.FAE 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\hprof.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-spi-actions.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ccme_base.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.preferences_3.5.200.v20140224-1527.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST5EDT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado27.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcf.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00636_.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\notification_plugin.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Azores 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CONTACTINFOBB.POC 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\keypadbase.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\adobepdf.xdc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01954_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SWEST_01.MID 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Components\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGMASTHD.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\dsn.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\calendar.css 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdrawable_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\slideShow.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msmgdsrv.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SMIMES.CFG 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Documentation\1033\License Agreements\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Swift_Current 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\INFOPATH.EXE 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Graph.jtp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01015_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Perspective.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199727.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00276_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099168.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15132_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Thatch.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD_COL.HXC 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipssrb.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\CT_ROOTS.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\DESKTOP.INI 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Sort\AUTHOR.XSL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-visual.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Davis 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\1.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00141_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABMASK.BMP 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ko_KR.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00177_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up_BIDI.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Other-48.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-search.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10267_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10307_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DOC.CFG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00184_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0237228.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Month_Calendar.jtp 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\BHOINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187835.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PRRTINST.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR10F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\BUTTON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\SpaceSelector.ico 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_sv.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.jobs_3.6.0.v20140424-0053.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1041\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_en.dll 3697516955.exe File created C:\Program Files (x86)\Windows NT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\redmenu.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcc_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SLATE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_ja.jar 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\Bibliography\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\pdmproxy100.dll 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\xul.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00932_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01634_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGMAIN.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwruksh.dat 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Bougainville 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MAPISHELL.DLL 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseout.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\EXITEMS.ICO 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\scene_button_style_default_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\nacl_irt_x86_64.nexe 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaenum.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\BG_ADOBE.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNoteSyncPC.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL082.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\decora-sse.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZY______.PFB 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281008.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0384862.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21329_.GIF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\CASHREG.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_bkg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Merida 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.STP 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\DBGHELP.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\ARROW.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN026.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-utilities.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX8.x3d 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099185.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101865.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14752_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKREQ.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\CALENDAR.GIF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\include\win32\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\redStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LOGO98.POC 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105396.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0240189.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21300_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7fr.kic 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstatd.exe 3697516955.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152556.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285820.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18247_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-loaders.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Excel.en-us\ExcelMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00261_.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tr.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01236U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\REMINDER.WAV 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tipresx.dll.mui 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\meta\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01473_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Solstice.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_right.gif 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ja\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\diagnostic-command-16.png 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\America\Indiana\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Audio-48.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\status.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\10.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateOnDemand.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Slipstream.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD20013_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository_2.3.0.v20131211-1531.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libattachment_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\en-US\Sidebar.exe.mui 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\8.png 3697516955.exe File created C:\Program Files (x86)\Common Files\System\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0299171.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Medium.jpg 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mshwgst.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.jpg 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_rest.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VGX\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02740G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSPUB.TLB 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-progress.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\STUDIO.INF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\clock.html 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152610.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuvp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CG1606.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00255_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239943.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00391_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WindowsFormsIntegration.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-middle.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_performance_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-modules.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\services_discovery\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Mail\wabmig.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sw.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Foundry.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME10.CSS 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\mng2.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_stl_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02169_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Person.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Document Parts\1033\14\Built-In Building Blocks.dotx 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\86.0.4240.111.manifest 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+4 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Portal\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02198_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ADD.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\TOOLICON.ICO 3697516955.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL020.XML 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\zh-CN.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\RELEASE-NOTES.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpclient_4.2.6.v201311072007.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\co\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Portal\1033\PortalConnect.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\OliveGreen.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LTHD98.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CONTACT.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-13 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-core.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152722.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\SETLANG.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\UTILITY.ACCDA 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Full\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Puerto_Rico 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_s.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_windy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382939.JPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_CN.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7FR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NL7MODELS000C.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-back-static.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-settings.jar 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\oskpredbase.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\MSB1STAR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0237336.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Lindeman 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPWEC.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101864.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Country.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay.css 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipscat.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EXPEDITN\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00601_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR38F.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubsdec_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-api.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Reunion 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RIPPLE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\FM20.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0282932.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01301_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\BTINTERNET.NET.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\cursors.properties 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-options-keymap.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-favorites.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_docked.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.CSD 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkObj.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Aspect.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00330_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\et.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Earthy.gif 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ar.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Manila 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ndjamena 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\RemoveConfirm.ppsx 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\THEMES.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10256_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBCOLOR.SCM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WWINTL.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsdt.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmprph.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewAttachmentIconsMask.bmp 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\AST4 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUECALM\BLUECALM.ELM 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationTypes.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_h.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.sun.el_2.2.0.v201303151357.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\README.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\METCONV.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00130_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107316.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\huemainsubpicture2.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\ELPHRG01.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107750.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105504.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR51F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CLVIEW.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CSS7DATA000A.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FLAP.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Recife 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\29.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01140_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01084_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00233_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\chrome.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.services_1.2.1.v20140808-1251.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\JdbcOdbc.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_cloudy.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\kn.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tokyo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Response.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB_COL.HXC 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Chatham 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower.png 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files (x86)\Google\Update\Install\{ED12A50C-ADCB-4FB6-B0B7-713544A9D99B}\CR_EB8C7.tmp\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00799_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232795.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01292_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_hov.png 3697516955.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-7 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02465_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR50B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LTHDHM.POC 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-sampler.jar 3697516955.exe File created C:\Program Files\Java\jre7\bin\plugin2\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241773.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02069J.JPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VVIEWDWG.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_left.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files\Windows Journal\jnwmon.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00297_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105246.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\CLVWINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR32F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\JUNGLE.HTM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01219_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookicon.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\ITIRCL55.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CAPSULES\CAPSULES.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341448.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00686_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Foundry.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MAPIR.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\La_Rioja 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Teal.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR51F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CONTACTINFOBB.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME16.CSS 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Antigua 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861258748.profile.gz 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui_2.3.0.v20140404-1657.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105288.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\CircleSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0295069.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_foggy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\DirectDB.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00256_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099164.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0144773.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\TAB_ON.GIF 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf_3.4.0.v20140827-1444.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ho_Chi_Minh 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\London 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_settings.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_cs.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ea-sym.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBSBR.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7es.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\main.js 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1252.TXT 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fil.pak 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099170.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME09.CSS 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-filesystems.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-plaf.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02267_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME19.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GREET11.POC 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-background.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02028_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115836.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7fr.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.htm 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground.wmv 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\reflect.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\oracle.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01563_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEB11.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_orange.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02009_.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02750U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\J0115875.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\ACADEMIC.ONE 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SPRING\SPRING.ELM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jhat.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsound.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Ojinaga 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_mr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\macroprogress.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectToolsetIconImages.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\203x8subpicture.png 3697516955.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00222_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Hardcover.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10289_.GIF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145810.JPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.Design.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18214_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Campo_Grande 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_rainy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESTL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Premium.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_s.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\mk\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\OCT.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Apothecary.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime.css 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hiring Requisition - Customized.fdt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\icucnv36.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_228ef1_256x240.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\form_responses.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00046_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.DEV.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierBackgroundRTL.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\POLICIES.FDT 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_mac.css 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgePackages.h 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)redStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01166_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0315580.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CDLMSO.DLL 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectToolsetIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSWORD.OLB 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\misc\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsfra.xml 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\librtpvideo_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmjpeg_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0335112.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10254_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsFormTemplate.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychartplugin_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util-enumerations.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_equalizer.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\Issue Tracking.gta 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Vostok 3697516955.exe File created C:\Program Files\VideoLAN\VLC\skins\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\sqlite.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUB6INTL.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\ucrtbase.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ext_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\activity16v.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0279644.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0291794.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02055_.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\7z.sfx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-2.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.jetty_3.0.200.v20131021-1843.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\WPGIMP32.FLT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WSSFilesToolIconImages.jpg 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ro.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\AdobePiStd.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107468.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00482_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\COUPON.POC 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-core-kit.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\dailymotion.luac 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpostproc_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADVCMP.DIC 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libd3d11va_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\logger\libfile_logger_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02097_.GIF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\es.pak 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspatialaudio_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-down.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\36.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\xlsrvintl.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-previous-static.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Darwin 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153273.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\Bibliography\BIBFORM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MAPIR.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.BusinessData.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Scoresbysund 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_snow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msolui100.rll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216540.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21427_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PPINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_VelvetRose.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings_0.10.200.v20140424-2042.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BDRTKFUL.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\timeZones.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00139_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer_3.2.200.v20140827-1444.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fa.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\SIGNUP\install.ins 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\CHEVRON.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square.png 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\pdm.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_imem_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\IpsPlugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Anadyr 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\mosaic_window.html 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_dummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\CANYON.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04108_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-api-caching.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\DumontDUrville 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_h.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\ACTIVITS.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santarem 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-13 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Ushuaia 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04117_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\MP00132_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\calendars.properties 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\AccessibleHandler.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmagnify_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18257_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CONFLICT.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\COMPUTER.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN097.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tirane 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSO.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SUMIPNTG\SUMIPNTG.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105272.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Austin.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Sts2.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\flavormap.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0148309.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01701_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBREF.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBPAGE.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TWRECS.DLL 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\slideShow.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15058_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ExtExport.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-progress.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145272.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\GlobeButtonImageMask.bmp 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\full.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\SBCGLOBAL.NET.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN054.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WORDREP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunec.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\charsets.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTO\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\JNGLE_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Doc.css 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGTOC.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-windows.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Bold.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBOB6.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01164_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10298_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Rarotonga 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_tr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\IntroducingPowerPoint2010.potx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nome 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libntservice_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblend_plugin.dll 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\info.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14711_.GIF 3697516955.exe File opened for modification C:\Program Files\CheckpointCompress.mpp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASK.CFG 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\01_googleimage.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_et.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341499.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\STORYVERTBB.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\localedata.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\iediagcmd.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUECALM\BLUECALM.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00242_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00336_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\nb.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01743_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Module.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE04050_.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\SignHere.pdf 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0304861.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\VISFILT.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson_Creek 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\jhall-2.0_05.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Jujuy 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\gl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\BlackTieResume.dotx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(cm).wmf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\sound.properties 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PAPER_01.MID 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\Read_Me.txt 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Push\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SIGNL.ICO 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\picturePuzzle.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\main_background.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\j2pcsc.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00235_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297269.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Executive.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOHTMED.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\LoginForm.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kuala_Lumpur 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\hr.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Manaus 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Monticello 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\TAB_OFF.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\Read_Me.txt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\22.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105502.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core_2.3.0.v20131211-1531.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_zh_CN.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\cgg\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_justify.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\settings.css 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\CoolType.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0103058.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewAttachmentIconsMask.bmp 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0227419.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsBlankPage.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\CodeFile.zip 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\adojavas.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\30.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Framework.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00485_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Module.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendtoOneNoteFilter.gpd 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-templates.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\nl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\MSTAG.TLB 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00202_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105386.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Windows Mail\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OrielMergeFax.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Manila 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\Presentation Designs\Maple.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285462.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00411_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115863.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKDECS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSYUBIN7.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Chita 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-3 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\CIEXYZ.pf 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LAYERS\THMBNAIL.PNG 3697516955.exe File created C:\Program Files (x86)\Google\Update\Install\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Technic.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RSSITEML.ICO 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\rtscom.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\gadget.xml 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\sunec.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Xml.Linq.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Norfolk 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\CASCADE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00902_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02233_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME07.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR21F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_pressed.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\picturePuzzle.js 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AXIS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewFrame.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNOteFilter.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CERT.XML 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\http\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\PROOF\MSLID.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01242_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241781.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POSTITL.ICO 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\perfcore.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02265_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0221903.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\TAB_OFF.GIF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\VERSION.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_hov.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SlateBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Defender\MpAsDesc.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WSIDBR98.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SLATE\SLATE.ELM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Minsk 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Samarkand 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_wasapi_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\DW\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178459.JPG 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\Timeline_is.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\NOTE.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Country.css 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21534_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLV.PPT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSN.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kathmandu 3697516955.exe File created C:\Program Files\Mozilla Firefox\browser\features\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02278_.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\about.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\timeZones.js 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\QRCode.pmp 3697516955.exe File created C:\Program Files (x86)\Common Files\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\QUAD.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee90.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0222015.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\POSTCARD.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MAPISHELL.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Lisbon 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-heapdump.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02124_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectStatusIcons.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tijuana 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0237225.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115841.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR31B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_s.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_CA.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\tab_on.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down_BIDI.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsdl_image_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00345_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOCF.DLL 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\16-on-black.gif 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\vlc16x16.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099173.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\Presentation Designs\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain_PAL.wmv 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_ja.jar 3697516955.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00784_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL010.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt_1.1.1.v20140903-0821.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_h.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ClassicPhotoAlbum.potx 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\libxml2.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR6F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341534.JPG 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\packetizer\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ICE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01035U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPICCAP.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Efate 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Soft Blue.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19828_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02125_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Currie 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Salta 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\PSCONFIG.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0234001.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Technic.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14753_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_SlateBlue.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Classic.dotx 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\include\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.VN.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00397_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guayaquil 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00783_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\attach.dll 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\INLAUNCH.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099167.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\InactiveTabImageMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Phoenix 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.util_8.1.14.v20131031.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libddummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Opulent.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\tab_on.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)grayStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk_1.0.300.v20140407-1803.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\speaker-32.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libwgl_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-horizontal.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpnssci.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Buenos_Aires 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Saipan 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18208_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIDBAR98.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\COPYRIGHT 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\zu\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_LightSpirit.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0234131.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.Runtime.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_right.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\bandwidth.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187819.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00489_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15021_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\SHOT.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Details.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\dependentlibs.list 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\EXPSRV.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\FPLACE.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00117_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN096.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightItalic.ttf 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00195_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285780.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_over.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libsharpen_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadomd.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03668_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00192_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePage.gif 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\modules\httprequests.luac 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libtta_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OIS_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\RenderingControl.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIconSubpictur.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Sort\TAG.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OnLineIdle.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\40.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_dot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BREEZE\BREEZE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00270_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Abstractions.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_livehttp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\jawt_md.h 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libalphamask_plugin.dll 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_browser.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\macroprogress.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis.css 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\sr-spl.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\28.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Major Indicies.iqy 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ICELAND.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199465.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR44B.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Managua 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIDEBARVERTBB.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXPTOOWS.DLL 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PROPLUS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02025_.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\ui.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_ja.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\update-settings.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01180_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14832_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DOCS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_orange.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\glib-lite.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Berlin 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.WW\Office64WW.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01145_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR6F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_decreaseindent.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\preface.htm 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterBold.ttf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-execution.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Word.en-us\SETUP.XML 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Sales Pipeline.accdt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\BG_ADOBE.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Faculty.accdt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\co.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-image-mask.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands_3.6.100.v20140528-1422.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099172.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185778.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\eu.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\LAUNCH.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdvdread_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novokuznetsk 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\am\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libposterize_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00090_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdfmap.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BRCH98SP.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10263_.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\vi\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jerusalem 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libexport_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\47.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Module.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293236.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14868_.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\meta_engine\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_settings.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0292286.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONWordAddin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE05930_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hiring Requisition.fdt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\LogoDev.png 3697516955.exe File opened for modification C:\Program Files\RedoExpand.aifc 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\flyout.html 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGATNGET.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvmstat.xml 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Civic.eftx 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmic.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+12 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Eucla 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\an\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_ring_docked.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-BoldIt.otf 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BS53BOXS.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\xjc.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Rothera 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libcdda_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proofing.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00423_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SPACE_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01298_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\adodb.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circle_glass_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232803.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Equity.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Slipstream.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Urban.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MCPS.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN075.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.ssl_1.0.0.v20140827-1444.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\console_view.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00257_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\LoanAmortization.xltx 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_left.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_thunderstorm.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Messenger.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7FR.LEX 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\browse_window.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE05665_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14692_.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\nn.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zh_CN\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\1033\STINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099192.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\play-background.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Contacts.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santa_Isabel 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator_1.1.0.v20131217-1203.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-7 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\CGMIMP32.FLT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341653.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATH_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\RPLBRF35.CHM 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\Extensions\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\msproof7.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_48.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\DELETE.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00262_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCOUPON.XML 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_windy.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-uihandler.xml_hidden 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Spelling.api 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.rst 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDisableUpArrow.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\settings.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kaliningrad 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\_platform_specific\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Asuncion 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AccessWeb\RPT2HTM4.XSL 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\Read_Me.txt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\JAWTAccessBridge-64.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02897J.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\XIMAGE3B.DLL 3697516955.exe File created C:\Program Files\Common Files\System\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00833_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-dock.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BOATINST.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-print.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunec.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKUPD.CFG 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Defender\MsMpLics.dll 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\highlight.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUEPRNT\BLUEPRNT.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382927.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL106.XML 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Hobart 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-explorer.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Luis 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kathmandu 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_it.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00527_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153307.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png 3697516955.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Singapore 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png 3697516955.exe File created C:\Program Files (x86)\Google\Update\Install\{ED12A50C-ADCB-4FB6-B0B7-713544A9D99B}\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\IEShims.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00286_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALHM.POC 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\meta-index 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STRTEDGE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00942_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14866_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21324_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\DirectDB.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00807_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanMergeFax.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpcore_4.2.5.v201311072007.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ARCTIC\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0400002.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GreenTea.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENV98SP.POC 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\jce.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01842_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN107.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIDEBARBB.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\F12Tools.dll.mui 3697516955.exe File created C:\Program Files\Microsoft Office\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libuleaddvaudio_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01631_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21503_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\J0115855.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\NOTICE 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-utility-l1-1-0.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledbjvs.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_uk.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\DELETE.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PICTPH.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Belem 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jvmti.h 3697516955.exe File opened for modification C:\Program Files\ResumeUnblock.wma 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\icudt26l.dat 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\WhiteDot.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Anchorage 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\WMPNSSUI.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02441_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONINTL.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.config 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-highlight.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans_1.2.200.v20140214-0004.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18228_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGNAVBAR.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NEWS98.POC 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrenclm.dat 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\PABR.SAM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IPOLK.DLL 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\15x15dot.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Monaco 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\keystore\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00834_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Form.zip 3697516955.exe File created C:\Program Files\Google\Chrome\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00438_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.DEV_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\background.gif 3697516955.exe File created C:\Program Files\Internet Explorer\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\dnsns.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\eclipse.inf 3697516955.exe File created C:\Program Files\Java\jre7\lib\amd64\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Belize 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\ShadesOfBlue.jpg 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\d3dcompiler_47.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBHOME.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\PublicFunctions.js 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MpClient.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Filters\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ENES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01044_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Composite.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_center.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jps.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\SoftBlue.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151067.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Opulent.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLYER98.POC 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipTsf.dll.mui 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Eirunepe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libps_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090390.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SplashScreen.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\LogoCanary.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\userContent_16x9_imagemask.png 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\msdbg2.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-actions.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.aup 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SPRING\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBENDF98.CHM 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ko.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\viewDblClick.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGTEAR.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBPQT.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadox28.tlb 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\psfont.properties.ja 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Engine.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\demux\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_avi_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Median.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ContactPicker.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\offset.ax 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\7.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\COPYRIGHT 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\librv32_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00015_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309585.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Stockholm 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring.xml 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_foggy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\MENUS.JS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Khartoum 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench_1.2.1.v20140901-1244.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01218_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00688_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_notes.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBHW6.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CSS7DATA0009.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Sts.css 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\vdk150.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liblibmpeg2_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\ACWZLIB.ACCDE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\MessageAttachmentIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-spi-actions.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\d3d11\libdirect3d11_filters_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SLATE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21304_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\viewSelectionChanged.js 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\flyout.css 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\jsprofilerui.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00633_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME26.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\journal.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0318810.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsPrintTemplate.html 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\cy\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\AdobePDF417.pmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0313970.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE05710_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DATETIME.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Lagos 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-templates.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Auckland 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099204.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239953.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18180_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\greenStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSansBold.ttf 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\MediaReceiverRegistrar.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadco.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21482_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TWRECE.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VisioCustom.propdesc 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1031\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EVRGREEN\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185796.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0195812.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\BG_ADOBE.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Amsterdam 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\liboldrc_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Hand Prints.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GROOVE_COL.HXT 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\uk\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-8 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\navSubpicture.png 3697516955.exe File opened for modification C:\Program Files\EditWatch.rle 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore_2.10.1.v20140901-1043.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PSRCHPHN.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\OUTLVBA.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_mid.gif 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ps\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libbluescreen_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107708.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153091.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01241_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1036\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\splashscreen.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DVDHM.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ENFR\MSB1ENFR.ITS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\VOLTAGE.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_hail.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateBroker.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00441_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH00601G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7ES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\weather.css 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Adobe\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OUTGOING.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\RTFHTML.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Knox 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME-JAVAFX.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18256_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_cloudy.png 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\To_Do_List.jtp 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STRTEDGE\STRTEDGE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02443_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck.css 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Library\Analysis\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_choosefont.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\MDIParent.zip 3697516955.exe File created C:\Program Files\Java\jre7\bin\server\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099157.JPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BANNER.DPV 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POSTIT.CFG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rarrow.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterRegular.ttf 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\vlm_export.html 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmirror_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153518.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GRAPH.EXE 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\tipresx.dll.mui 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\AccessWeb\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MYSL.ICO 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_On.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287415.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE01172_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\INVITE11.POC 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Word.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151041.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03205I.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_alignleft.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Juan 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\mix.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\soundcloud.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\ECLIPSE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01472_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0302953.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EquityMergeFax.Dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00148_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\dt_shmem.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\WHOOSH.WAV 3697516955.exe File created C:\Program Files\DVD Maker\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\default.vlt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01682_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01063_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\drive.crx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_basestyle.css 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1257.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\CGMIMP32.FNT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00443_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198022.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RESEND.CFG 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\about.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application_5.5.0.165303.jar 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00444_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287020.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME31.CSS 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcs.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MST7MDT 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\sbdrop.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10297_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL026.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-windows.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Winamac 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\management\jmxremote.access 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Prague 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSans.ttf 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\settings.css 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-foreground.png 3697516955.exe File created C:\Program Files\Google\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.LIC 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\uz.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-lib-uihandler.xml 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-math-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0146142.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01843_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.DEV_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground.wmv 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\19.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18235_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382836.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\title.htm 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\ZoneInfoMappings 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\203x8subpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\bl.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00236_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0289430.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01905_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15057_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-services.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AXE8SharedExpat.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-It.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099187.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR37F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\skins\fonts\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libfluidsynth_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Winamac 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1046\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01160_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\OutlineToolIconImages.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\java.exe 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome.dll.sig 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MET 3697516955.exe File created C:\Program Files (x86)\Mozilla Maintenance Service\logs\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\UTC 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.properties 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable_1.4.1.v20140210-1835.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02373_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Main.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR1B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\WMPDMC.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2native.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pt_BR.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mahe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipRes.dll.mui 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_zh_CN.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\kn\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libgestures_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PAPYRUS\PAPYRUS.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14533_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\classlist 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Prague 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\CST6 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_mpjpeg_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01176_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02413_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00941_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_VideoInset.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SPANISH.LNG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santo_Domingo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ug\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00298_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSEvents.man 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\settings.js 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_uparrow.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\13.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\MSOSV.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01168_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00267_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmplayer.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0212751.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0217872.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18185_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsBrowserUpgrade.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\LINEAR_RGB.pf 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rankin_Inlet 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_orange.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGREPFRM.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\REVERSE.DLL 3697516955.exe File created C:\Program Files\Google\Chrome\Application\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sampler.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\3.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EXPEDITN\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SUMIPNTG\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.DEV.HXS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Bermuda 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RIPPLE\RIPPLE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086384.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_choosefont.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\SAVE.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\gu\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02466U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Angles.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLLIBR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKREQL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABOFF.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\kcms.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt04.hsp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02950_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02748U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\header.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.runtime_3.10.0.v20140318-2214.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\23.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\10.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720_480shadow.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\spu\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\1033\MSOSVINT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msaddsr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00018_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME32.CSS 3697516955.exe File opened for modification C:\Program Files\CheckpointImport.xlt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0149887.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ACCVDTUI.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid_disable.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOHEVI.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-static.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107328.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03041I.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14565_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_rest.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL 3697516955.exe File created C:\Program Files\Windows Defender\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200279.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\FeedSync.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_few-showers.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\41.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01777_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceDaYi.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\F12.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB5B.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPQUOT.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msadomd.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Troll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\equalizer_window.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Gradient.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can129.hsp 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR51B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\RES98.POC 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\MemoryAnalyzer.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_hail.png 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationTypes.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libau_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18215_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14515_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGLINACC.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dcpr.dll 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FrameworkList.xml 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ro.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Sitka 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_settings.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\RICHED20.DLL 3697516955.exe File created C:\Program Files (x86)\Google\Update\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jsoundds.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs-nio2.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\favicon.ico 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_right.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WPFT532.CNV 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha2.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL096.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\DESIGNER.ONE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Flow.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-attach.xml 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\WMPSideShowGadget.exe 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FRAR\Read_Me.txt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiling.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\34.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\AddToViewArrowMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_settings.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\performance.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_rainy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\en-US\wab32res.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01039_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02120_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Waveform.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime.css 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\CGMIMP32.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SCHOL_02.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OFFOWCI.DLL 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Louisville 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\lg\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Hardcover.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OISAPP.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03236_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\SUCTION.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL105.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\System.AddIn.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_windy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcor.dll.mui 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\msvcr100.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_dot.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Waitcursor.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MENU98.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\platform.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ko.pak 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseover.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LAYERS\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382958.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0297749.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Dawson 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185798.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-ui.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmotiondetect_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESPS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_MATTE2_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\networkinspection.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\imap.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02742G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\NOTEL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\MedianLetter.Dotx 3697516955.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\rmid.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cayman 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Pangnirtung 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEEXCL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\msdbg2.dll 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\he.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\APPLAUSE.WAV 3697516955.exe File created C:\Program Files (x86)\Windows Defender\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105410.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_gather_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\airappinstaller.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATH_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files\DVD Maker\en-US\WMM2CLIP.dll.mui 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02045_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0212219.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRAPH_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\TAB_OFF.GIF 3697516955.exe File created C:\Program Files\Windows Sidebar\Shared Gadgets\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN095.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293238.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Sakhalin 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\WebKit.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUECALM\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195260.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Oriel.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GROOVE.HXS 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\POSTCD11.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\AUTHORS.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\TexturedBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSCOL11.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\TECHTOOL.GIF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\vi.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\OriginFax.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jawt.lib 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACER3X.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATER\WATER.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PSSKETLG.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00416_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WebToolImages16x16.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Status Report.fdt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ca.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\activity16v.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LABELHM.POC 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\LINEAR_RGB.pf 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_cycle_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libtdummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01255G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\EntityPicker.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\updater_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\VERSION.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Simferopol 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceDaYi.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESPL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB9.BDR 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VISSHE.DLL 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00068_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST7MDT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-utilities.xml 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1040\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01770_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\background.gif 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VC\msdia90.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD09664_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00943_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02794_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\AUTOSHAP.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\OOFTMPL.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_rainy.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\it.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OrielMergeLetter.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_de.properties 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\grayStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01253_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGDOTS.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ExpenseReport.xltx 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotslightoverlay.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSClientDataMgr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00494_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00555_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14830_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR43F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Casual.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiling.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\NVBELL.NET.XML 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WPEQU532.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Computers\computericonMask.bmp 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ru.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\meta-index 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nassau 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libflaschen_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099182.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0212953.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199755.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.KR.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AppConfigurationInternal.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Luna.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB2B.BDR 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\America\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-12 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Solstice.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0301480.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\TexturedBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLYER.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-over-DOT.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SCNPST64.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sa.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\stream_filter\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\setting_back.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PSRETRO.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME02.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME43.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\StatusDoNotDisturb.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\47.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02073_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Honolulu 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00231_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0252629.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_spellcheck.gif 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fa.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Defender\en-US\MpEvMsg.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.IN.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_olv.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ru\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Setup.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232395.WMF 3697516955.exe File created C:\Program Files\7-Zip\Lang\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SPACER.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\HORN.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2ssv.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jsdt.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_sv.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD_COL.HXT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-background.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Copenhagen 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Port_Moresby 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0228823.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\rtstreamsink.ax 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-container.exe.sig 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX9.x3d 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\PROOF\MSWDS_ES.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02503U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01304G.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\th.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fur\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\hu\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ARCTIC\ARCTIC.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\MUSIC_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21320_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AccessWeb\CLNTWRAP.HTM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kolkata 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\LAUNCH.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh001.htm 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\tet\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\VBAJET32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewFrame.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Groove.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\St_Johns 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02435_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\PMAILEXT.ECF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONLNTCOMLIB.DLL 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\local_policy.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-charts.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-remote.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Anchorage 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\en_GB\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLENDS\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\AddToViewArrowMask.bmp 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPHandle.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libgl_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02022_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\tt.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdate.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01162_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107134.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188679.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\stdole.dll 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\fr.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153305.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLCTL.DLL 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\gmail.crx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0088542.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0234687.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\SOCIALCONNECTORRES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\DESKSAM.SAM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00454_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jdwp.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART13.BDR 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref.wmv 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\settings.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0314068.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL011.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_down.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Madrid 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\EURO\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105376.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\BCSRuntimeRes.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Welcome Tool\IconImagesMask.bmp 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\Read_Me.txt 3697516955.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\skchui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Pushpin.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGLOGO.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstack.exe 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.VisualElementsManifest.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01586_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\flyout.html 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\el.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\larrow.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector_1.0.200.v20131115-1210.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Iqaluit 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-localization-l1-2-0.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdcp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsdan.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0234376.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_over.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\epl-v10.html 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME30.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\PicturesToolIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAMECONTROLSERVER.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\SoftBlue.jpg 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01923_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormToolImages.jpg 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdarem.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\background.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\Whistling.wav 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\EmptyDatabase.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0250997.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBlue.png 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\avtransport.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\13.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyrun.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_windy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\MSB1AR.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0183574.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Equity.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\OMSSMS.CFG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base_4.0.200.v20141007-2301.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NL7Data0011.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_bkg.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PROFILE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\ResourceInternal.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\XDPFile_8.ico 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.xmi_2.10.1.v20140901-1043.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-multitabs.xml 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\crashreporter-override.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.CNT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\SPLASH.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Adelaide 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MLSHEXT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\ALERT.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\EScript.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LTHD98SP.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\1.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Nicosia 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\mobile.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE01160_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Paramaribo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Tijuana 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18211_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PPSLAX.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-BoldOblique.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00462_.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.json 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Stucco.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\ZoneInfoMappings 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\eclipse_update_120.jpg 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\FORMS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_SlateBlue.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\MedianMergeLetter.Dotx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipRes.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Esl\AiodLite.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\OPHPROXY.DLL 3697516955.exe File created C:\Program Files (x86)\Common Files\System\MSMAPI\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0102594.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232393.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECRECL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MsMpLics.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21323_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msadcor.dll.mui 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MpOAV.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01130_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01157_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105276.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ru.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Syowa 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guam 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_stats_plugin.dll 3697516955.exe File created C:\Program Files\WindowsPowerShell\Configuration\Schema\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_rainy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONENOTE_COL.HXC 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\StaticText.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\activity16v.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR48F.GIF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\SplashImageMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD08868_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\TexturedBlue.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmlaunch.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Office Classic 2.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR26F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR29F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR43B.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Halifax 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jabswitch.exe 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\America\Argentina\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Ceuta 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195428.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241043.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LABEL.XML 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\ielowutil.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\setup.swf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\APA.XSL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Vladivostok 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-remote.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_rest.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsptg.xml 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\wab.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198712.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-application-views.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGZIPC.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Pine_Lumber.jpg 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\IpsMigrationPlugin.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\policytool.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdasqlr.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\osknumpadbase.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\menu_arrow.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\43.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Response.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00256_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Grayscale.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR44F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Casual.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Brunei 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Volgograd 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\access-bridge-64.jar 3697516955.exe File created C:\Program Files\Mozilla Firefox\gmp-clearkey\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Newsprint.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_justify.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PG_INDEX.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\native2ascii.exe 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\macroprogress.gif 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\setup.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_150.png 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmplayer.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02753U.BMP 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0217302.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_settings.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)grayStateIcon.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\skin.catalog 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00218_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarToolIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ApothecaryNewsletter.dotx 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-container.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Menominee 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Madrid 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annots.api 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AXIS\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0283209.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewAttachmentIcons.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Almaty 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_floating.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_shared.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101856.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02280_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02439_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Johannesburg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\GostTitle.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Urban.eftx 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\settings.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0304933.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7EN.dub 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\TEAROFF.POC 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libgme_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libyuv_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Informix.xsl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01772_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341636.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00095_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR51B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.xml_1.3.4.v201005080400.jar 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaSansRegular.ttf 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293844.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21348_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\IPOLKINTL.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GreenTea.css 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_SlateBlue.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\en-US\sbdrop.dll.mui 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libts_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSOUC_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jayapura 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\search_background.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00638_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ospintl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPQUOT.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TWRECC.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmod_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\w2k_lsa_auth.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Panama 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-util-enumerations.xml 3697516955.exe File opened for modification C:\Program Files\Windows Journal\en-US\NBMapTIP.dll.mui 3697516955.exe File created C:\Program Files (x86)\Common Files\System\MSMAPI\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_alignleft.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\RESUME.XML 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\micaut.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145904.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14980_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl.png 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\jsprofilerui.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Marengo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_foggy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Csi.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR8F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\VVIEWRES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\MessageHistoryIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tipresx.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\builtincontrolsschema.xsd 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_duplicate_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_rtp_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\RADIAL.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099165.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152570.WMF 3697516955.exe File opened for modification C:\Program Files\UndoConvert.wav 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down_BIDI.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02426_.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\slideshow_glass_frame.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QRYINT32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AUTHZAX.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Maroon.css 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-ui.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh89 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00155_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090781.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00563_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\fxplugins.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0294991.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0302827.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21335_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmpnssui.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-compat.xml_hidden 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Helsinki 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_ja.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.VisualC.STLCLR.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Casual.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Library\SOLVER\SOLVER.XLAM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Miquelon 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\F12.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Sydney 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Etc\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Utilities.v3.5.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VBA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AXIS\AXIS.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Foundry.xml 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\id.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293570.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\EMABLT32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENVELOPE.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.stdformat.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Thatch.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\ActionsPane3.xsd 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0150150.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153087.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0301052.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15133_.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\bs\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.access 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jmx.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Melbourne 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\external_extensions.json 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00693_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382966.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsPrintTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OCRVC.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_settings.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-border.png 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\daisies.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsdeu.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Baku 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.en\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107748.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00806_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21331_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBWZINT.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Singapore 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yerevan 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\librawdv_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Portal\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115835.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Discussion.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-progress.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\db\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jdwp.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\net.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-desk.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195342.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02845G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00486_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha1.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14710_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Basic\DEFAULT.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\FLASH.NET.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7EN.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBPQT.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0299587.WMF 3697516955.exe File created C:\Program Files\Windows Sidebar\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fa\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-io.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pmd.cer 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jabswitch.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKREQS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.DE.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked-loading.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ICE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdaprsr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02141_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00011_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-14 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ca\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\XLCALL32.DLL 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\et.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02262_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiler.xml 3697516955.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04174_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01291_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099169.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0177257.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-coredump.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Pontianak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\license.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_bezel.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\end_review.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Colombo 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-1 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\PipeTran.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Maceio 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Angles.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Executive.xml 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10219_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR1F.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-runtime-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Oblique.otf 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\COMPASS\COMPASS.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SATIN\SATIN.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00297_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Concourse.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\background.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_videoinset.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GIFT98.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\InfoPathOMFormServicesV12\Microsoft.Office.Infopath.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Projects.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Brussels 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\EXP_XPS.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02746U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL01395_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Pushpin.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Assets.accdt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\3.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Goose_Bay 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_thunderstorm.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01630_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0251871.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\3.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Eurosti.TTF 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATH_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABON.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\wlsrvc.dll 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ast.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceme35.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipshrv.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msjro.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281243.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN01308_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR11F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\utilityfunctions.js 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\rt.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.password.template 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\license.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerEvaluators.exsd 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.win32.x86_64_1.0.100.v20130327-1442.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\auxbase.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Beulah 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\RenderingControl.xml 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\distribute_form.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECHO\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tongatapu 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\excelcnv.exe 3697516955.exe File created C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\v1.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PROFILE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\plugin2\msvcr100.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\currency.data 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS_COL.HXT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\artifacts.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152628.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00272_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Kiev 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\telnet.luac 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\attention.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\BriefcaseIcon.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper.registry_1.0.300.v20130327-1442.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Vladivostok 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_gtk.css 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ESEN\MSB1ESEN.ITS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02413_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Defender\en-US\MpAsDesc.dll.mui 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-over-select.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\JdbcOdbc.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Regina 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR15F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\ODBC.SAM 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\join.avi 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21342_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Premium.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Earthy.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util_1.7.0.v201011041433.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javap.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00405_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Document Parts\1033\14\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDCNCLL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\messageboxalert.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_dot.png 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Noumea 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\jquery-ui-1.8.13.custom.css 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Microsoft.Office.InfoPath.xml 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msadox28.tlb 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-image-inset.png 3697516955.exe File opened for modification C:\Program Files\ProtectMeasure.DVR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\APPTL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PS9CRNRH.POC 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\15x15dot.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.analysis_3.5.0.v20120725-1805.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-cli.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Goose_Bay 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.Selectors.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Irkutsk 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\wab32res.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178348.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02253_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15156_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogoBeta.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Grand_Turk 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\New_York 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libgnutls_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\Services\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLLIBR.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\VSTAClientPkg.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\applet\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\server\Xusage.txt 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Shorthand.jtp 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\xmlrwbin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00564_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\flight_recorder.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\hrtfs\dodeca_and_7channel_3DSL_HRTF.sofa 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_WMC_LogoText.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_right.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\localizedSettings.css 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InkDiv.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PPINTL.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00299_.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libhttps_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02412K.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SlateBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\OutlineToolIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-core-kit.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBPAGE.XML 3697516955.exe File created C:\Program Files\Java\jre7\lib\applet\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\gui\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Mail\wabfind.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLJRNL.FAE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NL7Models0011.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Kerguelen 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\tzmappings 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00178_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OMSXP32.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\OmdProject.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\wsdetect.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EET 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00274_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0313974.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\ACCOLK.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\STORYBB.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TWLAY32.DLL 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\libGLESv2.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.SqlServerCe.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+7 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CARBN_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE.MANIFEST 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\awt.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Rangoon 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14768_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POSTL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\GRIPMASK.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\ImagingDevices.exe.mui 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ta.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.cpl 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Riga 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow.css 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\wsgen.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGM.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0183172.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\STUBBY1.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_Groove.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\PAWPRINT.HTM 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Runtime.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\mpvis.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382926.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1036\MSO.ACL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\IPMS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECRECS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01635_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCHKBRD.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\validation.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-10 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tl\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)greenStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0313965.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsMacroTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WORDREP.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Barbados 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.SYD 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099188.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Essential.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_h.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\date-span-16.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN01165_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bogota 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\blacklist 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Nauru 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\bn\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0235319.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Custom.propdesc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.MX.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-phonetic.xml 3697516955.exe File created C:\Program Files\Common Files\System\msadc\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_de_DE.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107288.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\gu.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\pack200.exe 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01357_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15168_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01744_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SCANPST.EXE 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\libvlccore.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-compat.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Aqtobe 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01080_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196142.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00735_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\TaskbarIconImages256Colors.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02752U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\ROAD_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14595_.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sq\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\license.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-tabcontrol.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_Casual.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\en-US\Sidebar.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Srednekolymsk 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-core-kit.xml_hidden 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01152_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198447.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OART.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\CURRENCY.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\boot.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01659_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0238333.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02578_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Marketing Projects.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\El_Salvador 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mexico_City 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-ui.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libvhs_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01065_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-lib-uihandler.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01044_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0172035.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ug.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\MEIPreload\preloaded_data.pb 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\fontmanager.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaorar.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01013_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ext.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18201_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21302_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ApothecaryLetter.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\WidescreenPresentation.potx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpconfig.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PSSKETSM.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Fortaleza 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0182898.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\background.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\utilityfunctions.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\batch_window.html 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR45B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLTASK.FAE 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105368.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\New_Salem 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15023_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierWindowMaskRTL.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\WHITEBOX.JPG 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis.css 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_flat_10_000000_40x100.png 3697516955.exe File created C:\Program Files\DVD Maker\Shared\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-text.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-awt.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Fiji 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01875_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0230553.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21421_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msadomd28.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21434_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Easter 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-charts.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\sandbox.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0202045.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_down.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground.wmv 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\common.luac 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\info.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Modern.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Phone.accft 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.xml 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUEPRNT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR44F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_cloudy.png 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\manifest.json 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387337.JPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\MEDIA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BZCD98SP.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PIXEL\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tongatapu 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_no.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00176_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR46F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_pressed.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OFFOWC.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msadox.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\PROOF\MSWDS_EN.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14531_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsImageTemplate.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-api.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00557_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01069_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.CN.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\StandardBusiness.pdf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01169_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD07831_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\BCSAddin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\RESP98.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateSetup.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\NETWORK\NETWORK.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04235_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099155.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00452_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21314_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP 3697516955.exe File created C:\Program Files\Reference Assemblies\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-3 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\YST9YDT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\ManagedObjects\SignedManagedObjects.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FORMCTL.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_pressed.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Los_Angeles 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2native.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Mendoza 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_es.properties 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\New_Skins.url 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FRAR\MSB1FRAR.ITS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\tnameserv.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\JFONT.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\utilityfunctions.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di.extensions_0.12.0.v20140417-2033.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-options-api.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\librotate_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEOLEDB.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00296_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107090.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02567J.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME44.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR25F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\msoe.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02368_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\jni_md.h 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-fallback.xml 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\uk.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\fxplugins.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Sofia 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MsMpRes.dll 3697516955.exe File opened for modification C:\Program Files\Windows Journal\en-US\PDIALOG.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInTray.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pipres.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107254.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ka.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10335_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21295_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0305493.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\JSProfilerCore.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Lord_Howe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-print.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Norfolk 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\NEWS.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ESEN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152626.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\1 Right.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Brisbane 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\photograph.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151047.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CNFNOT.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGNAVBAR.DPV 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\kinit.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-annotations-common.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1028\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00512_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR2B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormToolImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_hover.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\highlight.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvm.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\calendar.css 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadomd28.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\OFFICE10.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Teal.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ExecutiveNewsletter.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bangkok 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdatl3.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\CsiSoap.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00224_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN027.XML 3697516955.exe File opened for modification C:\Program Files\7-Zip\descript.ion 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Scene_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00602_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_underline.gif 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ms.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\logo.png 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00820_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02759J.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\CollectSignatures_Init.xsn 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Name.accft 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\JavaAccessBridge-64.dll 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\_platform_specific\win_x64\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\chrmstp.exe 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Clarity.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.DEV_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FRENCH.LNG 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\LightBlueRectangle.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Students.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bishkek 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\Read_Me.txt 3697516955.exe File created C:\Program Files\Microsoft Office\Office14\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01236_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BORDERBB.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpshare.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PIXEL\THMBNAIL.PNG 3697516955.exe File created C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\86.0.4240.111\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-views.xml 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\GRDEN_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-dialogs.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\management-agent.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01848_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00898_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Elemental.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\1033\CAGCAT10.MML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18250_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PROGRAM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR22F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-output2.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\NETWORK\NETWORK.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\F12Tools.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ERROR.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_bullets.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.core_3.5.0.v20120725-1805.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_all.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\IRIS\IRIS.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00641_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewAttachmentIcons.jpg 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Extensions\external_extensions.json 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormToolImages.jpg 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\d3d9\libdirect3d9_filters_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FINCL_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099198.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME12.CSS 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\de.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Barbados 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\notConnectedStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BULLETS.DLL 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Catamarca 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02451_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FORM.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-favorites.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Taipei 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Khandyga 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Mail\wabimp.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\3082\hxdsui.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Computers\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Country.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground.wmv 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Triedit\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00810_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB02229_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left_over.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\UrbanFax.Dotx 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_left.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\picturePuzzle.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEWDAT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241037.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0296288.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR5B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP.bat 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sl.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01173_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00012_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\QuestionIcon.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\RSSFeeds.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\RSSFeeds.js 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\javaws.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_CopyNoDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00712_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NAVBAR11.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot_lrg.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099158.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR50F.GIF 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Warsaw 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\DW\DW20.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART11.BDR 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.jrockit.mc.rcp.product_root_5.5.0.165303 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-private-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00254_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0293832.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME06.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Installed_schemas14.xss 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrusalm.dat 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OriginResume.Dotx 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\buttons.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEODBC.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00382_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanLetter.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Antigua 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\playlist\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\IRIS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OLKIRMV.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGSTORYVERT.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Lindeman 3697516955.exe File created C:\Program Files\Windows Mail\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0384885.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\BUTTON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR44B.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\baseAltGr_rtl.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\OMSMMS.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck.css 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\j2pcsc.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\leftnav.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00916_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\PLANNERS.ONE 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+1 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00273_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0290548.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\VCTRN_01.MID 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02758U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02039_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Verve.thmx 3697516955.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\org-openide-filesystems.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guayaquil 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe Root Certificate.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql2000.xsl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01548_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01247U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00223_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\servertool.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\OutofSyncIconImages.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-spi-quicksearch.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-queries.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-attach.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Aero.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CONCRETE\CONCRETE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185800.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00170_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_widescreen_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\default_thumb.jpg 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086428.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_selectionsubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341475.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0332268.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fontconfig.properties.src 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile16.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\FPERSON.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\NOTES.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\CALENDAR.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPrintTemplate.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-snaptracer.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcor.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14791_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\CollectSignatures_Sign.xsn 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\PublicFunctions.js 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tbilisi 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ru.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Pushpin.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsFormTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEIRM.XML 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ky.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_left.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOInstallerUI.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_increaseindent.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_down.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Makassar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\launcher.win32.win32.x86_64.properties 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot_lrg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152414.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_left.png 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\perf_nt.dll 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00018_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONENOTE.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7tkjp.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSQRY32.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-loaders.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.Design.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_left.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviewers.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\HxRuntime.HxS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ust-Nera 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Baghdad 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass_lrg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Hx.HxC 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RICEPAPR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Word.en-us\WordMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ielowutil.exe 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101862.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Trek.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21400_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART1.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04267_.WMF 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Rarotonga 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Martinique 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msmdsrv.rll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00361_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\spacebackupicons.jpg 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Tiki.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedback.gif 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\weather.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107450.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-correct.avi 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.resources_3.9.1.v20140825-1431.jar 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdaremr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mshwgst.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdfmap.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00160_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152436.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14583_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_it.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\adcvbs.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR24F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR6B.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_up.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Chisinau 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\LICENSE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\asl-v20.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\license.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdaprst.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR35F.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pohnpei 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\IA32.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\subscription.xsd 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmap.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EXPLR_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341738.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01740_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\LOOKUP.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Pitchbook.potx 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\currency.html 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSLaunch.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Tulip.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ks_IN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\sidebar.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\Microsoft.Ink.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Elemental.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEWBY.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-applemenu.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\intf\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187921.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\VIEW.JS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Library\Analysis\PROCDB.XLAM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FEZIP.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Noronha 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\background.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241041.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\203x8subpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\plugin.jar 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285444.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDCAT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\calendar.html 3697516955.exe File opened for modification C:\Program Files\7-Zip\7-zip32.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\pop3.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Clarity.thmx 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\MEIPreload\manifest.json 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00915_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\QUERIES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MSTHED98.POC 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\core.jar 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04269_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01585_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_TexturedBlue.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00407_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Auckland 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEWSS.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00775_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107024.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00238_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.DEV_F_COL.HXK 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\dtplugin\deployJava1.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libripple_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msader15.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00130_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRINTL32.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jerusalem 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14514_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsImageTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\currency.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\tnameserv.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.http_8.1.14.v20131031.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-nodes_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zh_TW\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_hover.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02268_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME24.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+8 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\8.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactHighMask.bmp 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\localizedStrings.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR45F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\INVITE.XML 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_block_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21364_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME13.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_alignright.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\16-on-black.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FREN\MSB1FREN.ITS 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\javafx.policy 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105520.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21307_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Wordconv.exe 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\1033\STINTL.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OrielReport.Dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\EPSIMP32.FLT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\UserControl.zip 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\alertIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CLIP.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0103262.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\WhiteboxMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.configuration_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\README.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PROFILE\PROFILE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00057_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18182_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\EXLIRMV.XML 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\Packages\Debugger\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-execution.xml_hidden 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PAPYRUS\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02066_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\RSWOP.ICM 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\connectionmanager_dmr.xml 3697516955.exe File opened for modification C:\Program Files\7-Zip\7zCon.sfx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\amd64\jvm.cfg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Sybase.xsl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01805_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\profile.jfc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNoteUI.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceer35EN.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-io.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_disabled.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200189.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART7.BDR 3697516955.exe File opened for modification C:\Program Files\ExportGroup.tmp 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_rest.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\tnameserv.exe 3697516955.exe File opened for modification C:\Program Files\Windows Portable Devices\sqmapi.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penchs.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152890.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\wabfind.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OMSINTL.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PPINTL.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART14.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\background.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\notes-static.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-docked.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_h.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OMML2MML.XSL 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\WMPDMC.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00531_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\prism-d3d.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Wake 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\sRGB.pf 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\sd\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\sd\icecast.luac 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_vi.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Waveform.xml 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledbjvs.inc 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\cpyr.htm 3697516955.exe File created C:\Program Files\Windows Media Player\Network Sharing\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt 3697516955.exe File created C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01182_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcfr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14801_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\visualvm.conf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\management.dll 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONLNTCOMLIB.DLL 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Client.dll 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextService.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15275_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ktab.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ReviewRouting_Init.xsn 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.WorkflowServices.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\alertIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR9B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prcr.x3d 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\SY______.PFB 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\AcroRead.msi 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0222017.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OriginMergeLetter.Dotx 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\default-browser-agent.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\javafx-mx.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Cordoba 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\gradient.png 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\oc\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EDGE\EDGE.INF 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPDMCCore.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.SYX 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\InfoPath.en-us\InfoPathMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281638.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Events.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security_1.2.0.v20130424-1801.jar 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\blank.jtp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00014_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\PublicFunctions.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BANNER.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OrielResume.Dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_down.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\orb.idl 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Regina 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOMessageProvider.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099199.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\Read_Me.txt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansRegular.ttf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Denver 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jvmstat.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\dkjson.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.WPG 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_de.dll 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\bg.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105238.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0229385.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\excelcnvpxy.dll 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00086_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.servlet.jsp_2.2.0.v201112011158.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00233_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRAPH_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR5B.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Troll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Gambier 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04225_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0089945.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105360.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0213243.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18196_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsptb.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR40F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnsc_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmprph.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLMAILR.FAE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_left.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceAmharic.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor_1.0.300.v20131211-1531.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0240719.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.DEV.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\NOTEBOOK.HTM 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SATIN\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00814_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14985_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14594_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WebToolImagesMask16x16.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Blanc-Sablon 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-annotations-common.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_delay_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSSOAPR3.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BOLDSTRI\BOLDSTRI.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01143_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03731_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14829_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.continuation_8.1.14.v20131031.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\1033\MSGR3EN.DLL 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.codec_1.6.0.v201305230611.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Back-48.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR34F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REPORTL.ICO 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.registry_3.5.400.v20140428-1507.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libinvert_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\flyout.css 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_play.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\blank.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\SWBELL.NET.XML 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql_2.0.100.v20131211-1531.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\DiagnosticsTap.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\PST8 3697516955.exe File created C:\Program Files\Windows Journal\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-docked.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14529_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\MMSL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Microsoft.Office.Infopath.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hovd 3697516955.exe File created C:\Program Files\Windows Media Player\Skins\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceAmharic.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEEXCH.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01148_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02040U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_left_over.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\en-US\OmdProject.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART2.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLAPPT.FAE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLACCT.DLL 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_dot.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libtimecode_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\ConnectionManager.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEDAO.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.config 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0304371.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\serialver.exe 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\en-US\TableTextService.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0216724.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.DEV_COL.HXT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkTSFrame.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_display_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\eula.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\OSETUP.DLL 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00017_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\mozavutil.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216570.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00913_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21327_.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ps.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_left.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285484.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\SPACER.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-highlight.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Buenos_Aires 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Thimphu 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnssui.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\tpcps.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\OFFREL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\updater.ini 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.oracle.jmc.executable.win32.win32.x86_64_5.5.0 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libcompressor_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Equity.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\GostName.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKDEC.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBAD.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Module.zip 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_SelectionSubpicture.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Blanc-Sablon 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\PDFFile_8.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATERMAR\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL01041_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR19F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\XMLSDK5.CHM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Campo_Grande 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.THD 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10R.CHM 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.FR.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\QuizShow.potx 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\CANYON.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187881.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7EN.DLL 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libpva_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00097_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLWVW.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\EXITEML.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\HEADINGBB.DPV 3697516955.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_thunderstorm.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00703L.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.MY.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143743.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations_2.4.0.v20131119-0908.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\hy\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\37.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FREN\MSB1FREN.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Oriel.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\policytool.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MST 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\gd\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL01394_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-impl.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libaudioscrobbler_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099177.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178632.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14513_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-uihandler.xml 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\sqloledb.rll.mui 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.Selectors.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN065.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CERT98SP.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\33.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\yo.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0102762.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Author2XML.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\EntityDataHandler.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DATE.JPG 3697516955.exe File created C:\Program Files (x86)\Windows Media Player\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\PhotoAcq.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-heapwalker.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnsv_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME47.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_m.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Monticello 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-nodes.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02398_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18204_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21309_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TaxonomyControl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceArray.txt 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\jsdbgui.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02736G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0278882.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\TAB_ON.GIF 3697516955.exe File created C:\Program Files (x86)\Windows Media Player\Visualizations\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\MainMenuButtonIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Berlin 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\management\management.properties 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libpanoramix_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\D3DCompiler_47.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341559.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POSTS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\derby_common.bat 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\UserControl.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository_1.1.300.v20131211-1531.jar 3697516955.exe File created C:\Program Files\Java\jre7\bin\dtplugin\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BREEZE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_kn.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ieproxy.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106124.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01141_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\VIBE.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PS10TARG.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00487_.WMF 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\precomplete 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10268_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_left_over.gif 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195320.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR17F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\CLICK.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\README.html 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Antarctica\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_bg.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\StarterToolTemplates.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Karachi 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdasql.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01637_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Apothecary.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierBackground.jpg 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msado20.tlb 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.metadata.repository.prefs 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MpCmdRun.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SIGNS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALNDR98.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Media.accdt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\TextConv\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\17.png 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-ui.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\pingsender.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SKY\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105298.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01746_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.HK.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tarawa 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\QUIKPUBS.POC 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TextConv\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04369_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD08808_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00234_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14882_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Manuscript.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NAVBRPH1.POC 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Rio_Gallegos 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cancun 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vincennes 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\Wks9Pxy.cnv 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CONCRETE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Comments.accdt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)greenStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-sampler.xml 3697516955.exe File opened for modification C:\Program Files\DebugEdit.mpe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152602.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\LISTBOX.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Blue_Gradient.jpg 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ENFR\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ICE\ICE.INF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs-nio2.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Nairobi 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.expressions_3.4.600.v20140128-0851.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MpAsDesc.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmid.exe 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsPreviewTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_pressed.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0195534.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Hobart 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRAPH_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDREQS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VS_ComponentSigningIntermediate.cer 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG.wmv 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libreal_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado20.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0230558.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.Tools.Applications.Project.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\System\en-US\wab32res.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00116_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN103.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LAYERS\LAYERS.ELM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR48B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DataListIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\INVITE.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\MANIFEST.MF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chatham 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CUP.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jrunscript.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_file_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_disabled.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipTsf.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01237_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115866.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\BUTTON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePageBlank.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-core.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi_3.10.1.v20140909-1633.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\VBE7.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WWINTL.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\AddToViewArrow.jpg 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.sig 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00442_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00414_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBWZINT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaurl.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Mahe 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_chroma\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)grayStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01252_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePageStyle.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPUNCT.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Cape_Verde 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+1 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18239_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Phoenix 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\settings.html 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\STOCKS.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0324704.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Detroit 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Connectivity.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-lib-uihandler.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqloledb.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01356_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsColorChart.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\CALENDAR.GIF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\adovbs.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\jsdbgui.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00129_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MAPISHELLR.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaTypewriterRegular.ttf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Origin.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10336_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ENGIDX.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Shared16x16Images.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Anadyr 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Maroon.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Ndjamena 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\jsprofilerui.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00021_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00544_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\PLUS.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-cli.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\settings.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluTSFrame.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099162.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00468_.WMF 3697516955.exe File opened for modification C:\Program Files\CloseExit.mpeg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-11 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00382_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199279.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR18F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POST.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SUBMIT.JS 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_SelectionSubpicture.png 3697516955.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_TW\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NEWS.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\content-types.properties 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_Loading.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado15.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105378.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199473.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285792.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLTASKR.FAE 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIcon.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01300_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\cacerts 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUECALM\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN02724_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01178_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0214948.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCICONS.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TWORIENT.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libsubsdelay_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_bn.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-compat.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-print.xml_hidden 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\03_lastfm.luac 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaom_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EDGE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00760L.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0292020.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-multiview.xml 3697516955.exe File created C:\Program Files\Mozilla Firefox\browser\VisualElements\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\RSSFeeds.js 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\eula.rtf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME50.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7tk.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BRCHUR98.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Gaza 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l2-1-0.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01368_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageSmall.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-image-mask.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00603_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceqp35.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\de.pak 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libxa_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_dummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21322_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\blank.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0298653.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\ReachFramework.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmpnssci.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107182.WMF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\mn\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Publisher.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSACCESS.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\PhotoBase.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\19.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montreal 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services_1.1.0.v20140328-1925.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_09.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLMIME.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\whiteband.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BORDERBB.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CA.XML 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libantiflicker_plugin.dll 3697516955.exe File created C:\Program Files\WindowsPowerShell\Modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penkor.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\COMPASS\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107718.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\TipsImage.jpg 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\kk.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BIZCARD.DPV 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_dot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.IDX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00633_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javadoc.exe 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-execution.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18203_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21535_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OWSSUPP.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\25.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BROCHURE.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\pdf.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DiscussionToolIconImages.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santiago 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh87 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105846.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR1F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Earthy.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\form_edit.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP.bat 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-favorites.xml_hidden 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0301252.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Shorthand.emf 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXEV.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107150.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\RM.DLL 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-spi-actions.xml_hidden 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RMNSQUE\RMNSQUE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00010_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04206_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DISTLSTS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\CalendarToolIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstat.exe 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureA.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chihuahua 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\slideShow.html 3697516955.exe File opened for modification C:\Program Files\Common Files\System\wab32res.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FREN\WT61FR.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\DW\DBGHELP.DLL 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_floating.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15274_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\El_Aaiun 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\9.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02088_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ENGDIC.DAT 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Psychedelic.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-ui.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_h.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EVRGREEN\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0075478.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152704.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0386485.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Sts.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB7.BDR 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePage.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\rtstreamsource.ax 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guyana 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\vimeo.luac 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\WMPMediaSharing.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Excel.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\msinfo32.exe 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\handsafe.reg 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\JSByteCodeWin.bin 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\kcms.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dataset.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_down.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\keytool.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\FDATE.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341447.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactLowMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7FR.LEX 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe 3697516955.exe File created C:\Program Files (x86)\Windows Media Player\Media Renderer\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0212661.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.jpg 3697516955.exe File created C:\Program Files\Internet Explorer\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Adak 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-convert-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00173_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200151.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00345_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00232_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\fy.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_disabled.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OriginReport.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-snaptracer.xml 3697516955.exe File created C:\Program Files\Java\jre7\lib\cmm\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL092.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PSTPRX32.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yellowknife 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher_1.1.0.v20131211-1531.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\System\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02790_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR32B.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_ja.properties 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\DvdTransform.fx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\DumontDUrville 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_Undocked.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CRANE.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18197_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Mendoza 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\SaslPrepProfile_norm_bidi.spp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\orbd.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN020.XML 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EST 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)redStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SATIN\SATIN.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107484.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387591.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10265_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Tags.accft 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-ImageMask.png 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsdp_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\MakeAccessible.api 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CLASSIC1.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\DRUMROLL.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\unpack.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-heapwalker.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145895.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187825.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02276_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18232_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\XLCPRTID.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceoledb35.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-fallback.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme_0.9.300.v20140424-2042.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_zh_CN.jar 3697516955.exe File created C:\Program Files\Java\jre7\lib\images\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21377_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATHEDITOR_COL.HXT 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Orange Circles.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPrintTemplateRTL.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18210_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CONTACTL.ICO 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\Packages\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-nodes.xml 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Maputo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tet\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\GIFIMP32.FLT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\TIME.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18213_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Curacao 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SOCIALPROVIDER.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\HST10 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ja.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285808.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\bn.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerActions.exsd 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Nauru 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\LightSpirit.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\CURRENCY.HTM 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_glass_Thumbnail.bmp 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Updater.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OISINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR7B.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\colorcycle.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libequalizer_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SLATE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\DEEPBLUE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ACCOLKI.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OutSyncPC.ico 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-locale-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Keywords.HxK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\RTF_BOLD.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\ORG97R.SAM 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands_0.10.2.v20140424-2344.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Paris 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_sent.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BABY_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00211_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR17F.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\NL.ROGERS.COM.XML 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_ja.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\uninstall\helper.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libogg_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\en-US\sbdrop.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287024.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Servers\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-split.avi 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\notConnectedStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Glace_Bay 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Srednekolymsk 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\application.ini 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\controllers.js 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\io.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.metadataprovider.exsd 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-ui.xml 3697516955.exe File created C:\Program Files\Java\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libinteger_mixer_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.CHM 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\header-background.png 3697516955.exe File created C:\Program Files\Google\Chrome\Application\SetupMetrics\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-explorer.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libadpcm_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.hsp 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ALRTINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21365_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.MOF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\ACTIVITL.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.io_8.1.14.v20131031.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libadummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\settings.css 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR1B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL087.XML 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sr.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BS2BARB.POC 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\scrapbook.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2launcher.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kiev 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-templates.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-startup.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153047.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199469.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_kor.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Verve.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGMARQ.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200289.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01186_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14828_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.VisualC.STLCLR.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePage.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue.css 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Pyongyang 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked-loading.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_te.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01638_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101858.BMP 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\WET 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Origin.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0205466.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIGN.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-outline.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Wallis 3697516955.exe File created C:\Program Files\Java\jre7\lib\images\cursors\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kosrae 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\cli.luac 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\main.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107492.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\en-US\msader15.dll.mui 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART9.BDR 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Triedit\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_OliveGreen.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\720x480blacksquare.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01152_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02750G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02051_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\QP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\highDpiImageSwap.js 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Bissau 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\OliveGreen.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous_partly-cloudy.png 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\meta-index 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.en\Proof.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0233665.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01158_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSClient.Msg.dll 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogo.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunmscapi.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\New_York 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\pkeyconfig-office.xrm-ms 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21375_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL110.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsoundds.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ashgabat 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe\Help\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\oeimport.dll 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-modules.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Inuvik 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\is\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14871_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR45F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-outline.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\twitch.luac 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\wlsrvc.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ARCTIC\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099180.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\INDOMAIN.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jmx.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Pangnirtung 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\index.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Mawson 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Choibalsan 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_right.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\OneNote.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00169_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqloledb.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_s.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hu.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART4.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\MMHMM.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\GrooveFormsMetaData.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL027.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\cpu.css 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ast\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\corner.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\IPSEventLogMsg.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Omsk 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Madeira 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\tr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Thawte Root Certificate.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00090_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\dnsns.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\jaccess.jar 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPDMC.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\A3DUtility.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CAPSULES\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15185_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLV.XLS 3697516955.exe File created C:\Program Files\Java\jre7\bin\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_http_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_h.png 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow.css 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Mso Example Setup File A.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-ui.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Africa\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Video-48.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ViewerPS.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfigInternal.zip 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ku.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Black Tie.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions.css 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(inch).wmf 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Net.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CAPSULES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0168644.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00668_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\license.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.annotation_1.2.0.v201401042248.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SNIPE.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_precomp_matte.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh87 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18230_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14538_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME40.CSS 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ba.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Glace_Bay 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SendMail.api 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\STUDIO.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLBAR.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\powerpnt.exe.manifest 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiler.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_Off.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGATNGET.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over.png 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw32.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.util_1.0.500.v20130404-1337.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\IMCONTACT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0187423.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14982_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\ViewHeaderPreview.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TWSTRUCT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MLCFG32.CPL 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\osclientcerts.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107480.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\clock.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Majuro 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-highlight.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\hprof.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\gimap.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_basestyle.css 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Boa_Vista 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.fca 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-over-select.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\OOFL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectStatusIconsMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PROGRAM.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\slideshow_glass_frame.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00523_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD08773_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14795_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDownArrow.jpg 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\hi\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0281904.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21336_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Palau 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kiritimati 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pitcairn 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ust-Nera 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fy\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeAUM_rootCert.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Adjacency.xml 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mraut.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_snow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_OliveGreen.gif 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\flyoutBack.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152558.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0292982.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB3A.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\PINELUMB.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_right.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Folder-48.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH00780U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\AMERITECH.NET.XML 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\nn\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPSRVUTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14833_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCHDRESP.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\XOCR3.PSP 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\month.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiBold.ttf 3697516955.exe File opened for modification C:\Program Files\Java\jre7\LICENSE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0197983.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382954.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME42.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.artifact.repository.prefs 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_srt_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libvdummy_plugin.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\db\bin\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\ImagingDevices.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR31F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\SAVE.GIF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Stockholm 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libadf_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153302.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Welcome Tool\IconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\grvschema.xsd 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Fakaofo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBCN6.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HM00172_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Cape_Verde 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado21.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00403_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0098497.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01562U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME01.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-output2.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG.wmv 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00154_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\kor-kor.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\config.ini 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bahia 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_nv12_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0296277.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\es.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ms.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Matamoros 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\RECOVR32.CNV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00157_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATH.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\MessageBoxIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.JS 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.UK.XML 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm_cmd.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\snmp.acl.template 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\wsdetect.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh88 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00526_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00466_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00234_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285360.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jvmticmlr.h 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NEWS11.POC 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\java.security 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Dotted_Line.jtp 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_hov.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ACEODBCI.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00543_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EquityMergeLetter.Dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00146_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239951.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297727.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21338_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR11F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\background.gif 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sk.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\South_Georgia 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-charts.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Horizon.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0157763.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR14F.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-dayi.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.inject_1.0.0.v20091030.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core_0.10.100.v20140424-2042.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Halifax 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ru.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\NUMERIC.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL065.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\adovbs.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BIZFORM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\cpu.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB8.BDR 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00985_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153095.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCAL.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Management.Instrumentation.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Madeira 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_read_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscene_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msdaremr.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\unpack200.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Novokuznetsk 3697516955.exe File created C:\Program Files\MSBuild\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Defender\en-US\MpAsDesc.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-horizontal.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\he.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-options-keymap.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\IACOM2.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00163_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02208U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BZCRD98.POC 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cuiaba 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\LINE.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SEARCH.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsVersion1Warning.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\glass_lrg.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jawt.h 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01213K.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Country.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\BREEZE.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_rainy.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-imageMask.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fi\Read_Me.txt 3697516955.exe File created C:\Program Files\WindowsPowerShell\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdadc.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfoInternal.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-dialogs_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic_5.5.0.165303.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\km\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SPRNG_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_over.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Porto_Velho 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.DEV_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Default.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\COMBOBOX.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state_1.0.1.v20140709-1414.jar 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msdaremr.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00084_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL081.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\New_Salem 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-awt_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-impl.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_s.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_left.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiItalic.ttf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0304853.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Clarity.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Interface.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0301044.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository_1.2.100.v20131209-2144.jar 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BOLDSTRI\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0233992.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LABEL.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\CIEXYZ.pf 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\abcpy.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101866.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107148.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02862_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Fancy.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\WSS.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Efate 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\msdaorar.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19988_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01066_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_INIT.XSN 3697516955.exe File opened for modification C:\Program Files\Windows Photo Viewer\ImagingDevices.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Apia 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs-nio2.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_dot.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\6.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1041\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.msi 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\GreenBubbles.jpg 3697516955.exe File opened for modification C:\Program Files\ConnectInitialize.001 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02388_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GKExcel.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7jp.kic 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BAN98.POC 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l1-2-0.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdtv_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Bears.jpg 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\WSS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kosrae 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\tzmappings 3697516955.exe File opened for modification C:\Program Files\Windows Mail\wab.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107192.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME03.CSS 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\invalid32x32.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SPRING\SPRING.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_Earthy.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\SLINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePage.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGACCBAR.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\STORYVERTBB.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.dll 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_70.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\it\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Royale.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187851.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR9F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR28F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_up.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152560.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\spacebackupiconsmask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\LICENSE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLWVW.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\INFOMS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_hail.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00726_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\STOCKS.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00670_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.HXS 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1042\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Monet.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.war 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-util.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\COIN.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.Contract.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_fr.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\La_Paz 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\dcpr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00524_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRLEX.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmplayer.exe.mui 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkWatson.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Menominee 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14581_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Khandyga 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\core_visualvm.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libimage_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\System\msadc\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107526.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Recife 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_sml.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\localizedStrings.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PICSTYLES.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.CRT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSRuntimeUI.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsPrintTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewAttachmentIcons.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-progress-ui.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guadalcanal 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\UKRAINE.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUEPRNT\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099200.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01246_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\CsiSoap.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-util-enumerations.xml_hidden 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bahia_Banderas 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\avtransport.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-vertical.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInAcrobat.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\IRIS\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\decorative_rule.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATER\WATER.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FS3BOX.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\32.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PROFILE\PROFILE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll 3697516955.exe File opened for modification C:\Program Files\desktop.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\MSCONV97.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00956_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\sa.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00392_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101860.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLR.SAM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SIGN.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_mid_over.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PTXT9.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Eirunepe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SPRING\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Metro.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewAttachmentIconsMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsBlankPage.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DOTS.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIGN98.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.core_2.3.5.v201308161310.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Merida 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ach\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\DAO\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_cloudy.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\si.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0197979.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382950.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VeriSign_Class_3_Code_Signing_2001-4_CA.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_mid_over.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msolap100.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfps_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\README-JDK.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\bg\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR16F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vevay 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Apex.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Journal\jnwdui.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\INDST_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145168.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105244.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Waveform.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0297185.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\203x8subpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0217698.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21512_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\MarkupIconImagesMask.bmp 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01015_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00013_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OIS_F_COL.HXK 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Adelaide 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOHEV.DLL 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_id.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD05119_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_OliveGreen.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageSmall.jpg 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Mso Example Intl Setup File B.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105328.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SETLANG.EXE 3697516955.exe File created C:\Program Files (x86)\Uninstall Information\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01251_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pitcairn 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages.properties 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_rainy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CORPCHAR.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151061.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0400004.PNG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-tools.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\mlib_image.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00914_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLPERF.INI 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN105.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\15x15dot.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ja-jp.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\26.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUISet.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115865.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicHandle.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_es_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\pdmproxy100.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195772.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01849_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\Xlate_Init.xsn 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierCloseButton.jpg 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\hu.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\COMPASS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00685_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14996_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME45.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\XLINTL32.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PPTIRM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_up.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\vi\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WCOMP98.POC 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Cairo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssLogo.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199483.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileHigh.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_zh_CN.jar 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.SharePoint.BusinessData.Administration.Client.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jaas_nt.dll 3697516955.exe File created C:\Program Files\Mozilla Firefox\fonts\Read_Me.txt 3697516955.exe File created C:\Program Files\Reference Assemblies\Microsoft\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\JPEGIM32.FLT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239975.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02957_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClient.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01354_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipschs.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\jaccess.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui_3.106.0.v20140812-1751.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_over.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_docked.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Mail\oeimport.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ACCDDSUI.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WPULQT98.POC 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18224_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORM.DLL 3697516955.exe File created C:\Program Files (x86)\Windows Media Player\Icons\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec.exe 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Acrofx32.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE06049_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18231_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\HEADER.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Graph.emf 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Asia\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Journal\JNTFiltr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Regular.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00142_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0282928.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\EXLIRM.XML 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\klist.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-compat.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LEVEL\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106020.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WHIRL1.WMF 3697516955.exe File created C:\Program Files\Common Files\System\Ole DB\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.filetransfer_5.0.0.v20140827-1444.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ky\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198102.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0183168.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\OFFICE10.MMW 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left_disable.gif 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\kaa.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\eclipse.inf 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\kk\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\tl\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSDecWrp.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Origin.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTORE_K_COL.HXK 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18222_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18248_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DOCL.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\SetupMetrics\20201028184006.pma 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-heapdump.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RMNSQUE\RMNSQUE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.DEV_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7EN.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\WinMail.exe 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask_PAL.wmv 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-disable.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_received.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00965_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02389_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Distinctive.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\MessageBoxIconImages.jpg 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\br.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_65_ffffff_1x400.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\3082\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EVRGREEN\EVRGREEN.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01421_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01749_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\EXITEM.CFG 3697516955.exe File created C:\Program Files\Java\jre7\lib\deploy\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxml2.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-threaddump.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00419_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0291984.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NL7MODELS000A.dll 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\TextConv\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kuala_Lumpur 3697516955.exe File created C:\Program Files\Uninstall Information\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Abstractions.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21319_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr\default.jfc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152894.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_alignleft.gif 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\keytool.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\liblogo_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Temp\GUMBFA6.tmp\GoogleUpdateSetup.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099163.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178932.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0234000.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\javafx.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\visualvm.clusters 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Gibraltar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-today.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.lng 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.fca 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0212601.WMF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\pt-PT.pak 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\librawvid_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\keystore\libfile_keystore_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can03.ths 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18249_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Sort\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GREETING.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmid.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106816.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00127_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\XLINTL32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SMSS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OnLineBusy.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Blog.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms_3.6.100.v20140422-1825.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.mshtml.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\Accessible.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Computers\computericon.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Hierarchy.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OARTCONV.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.RSA 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00092_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Library\Analysis\ATPVBAEN.XLAM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodicon.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUB6INTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR42F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OLMAPI32.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\travel.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0103812.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0304875.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCVDT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.SG.XML 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0172067.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PSWAVY.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15020_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Library\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psuser_64.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00513_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ViewHeaderPreview.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ACCTBOX.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Whitehorse 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\zh-tw.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-5 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1253.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151045.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WITHCOMP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Training.potx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\back.png 3697516955.exe File created C:\Program Files\7-Zip\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\SUBMIT.JS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Microsoft.Office.Infopath.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099202.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD07761_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECURL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\slideShow.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jmx.xml 3697516955.exe File opened for modification C:\Program Files\MountGet.php 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152606.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\TRANSMRR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfig.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boa_Vista 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-search.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_da.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00505_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\ACTIVITY.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\pt-br.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\localedata.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Aqtobe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\koreus.luac 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-4.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18246_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GROOVE_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_babypink_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_On.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\28.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBE7INTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Newsprint.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\attention.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_choosefont.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IPEDITOR.DLL 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libprojectm_plugin.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\gfserrorfromgroove.ico 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdiracsys_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\clock.html 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\IRIS\IRIS.INF 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\10.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java-rmi.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Creston 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\1.7\Microsoft.Ink.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0102984.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152708.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02127_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN010.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\verify.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTORE.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099176.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kamchatka 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked-loading.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AXIS\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341554.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03451_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10337_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSUCRES.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msadrh15.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_choosecolor.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PS2SWOOS.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_alignright.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\as_IN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\PST8PDT 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClient.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107730.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Couture.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14578_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jarsigner.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\messageboxerror.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXPTOOWS.XLA 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0205462.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0390072.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\MeetingIconMask.bmp 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Civic.thmx 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\crashreporter.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188667.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\server\classes.jsa 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099186.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02264_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SUMER_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCDDS.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CONTACTS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_GreenTea.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_item.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_alignright.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Currie 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Servers\RELAY.CER 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL001.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ApothecaryMergeLetter.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_foggy.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\GreenBubbles.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicTSFrame.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00372_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\INLAUNCH.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EquityReport.Dotx 3697516955.exe File created C:\Program Files\Internet Explorer\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_20_666666_40x40.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00200_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341344.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\accessibility.properties 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Monterrey 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086420.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\TAB_OFF.GIF 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-tools.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21520_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\FOLDER.ICO 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Niue 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-explorer.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STRTEDGE\STRTEDGE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSStr32.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.Xml.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Routing.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-font.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\indxicon.gif 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\es\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdav1d_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107158.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\Microsoft.Synchronization.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_ca.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\about.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sendopts.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-api.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\instrument.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_docked.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Onix32.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239057.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UCT 3697516955.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00559_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LETTHEAD.XML 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mshwLatin.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\javafx-font.dll 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\FDFFile_8.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196354.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02470U.BMP 3697516955.exe File created C:\Program Files\Common Files\Services\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-modules.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00135_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382957.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_LightSpirit.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Edmonton 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\jamendo.luac 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\SketchIconImages.bmp 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_zh_TW.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143744.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP.bat 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107712.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152594.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00199_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.DEV.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\POST98SP.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zy______.pfm 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\management.properties 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libremap_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00524_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\SETLANG_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\REFEDIT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\34.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_Buttongraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ACEWSTR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL01565_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\InformationIconMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Bissau 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-queries.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\youtube.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00319_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107742.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DataViewIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAME.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL102.XML 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bogota 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Bucharest 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javaw.exe 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdate.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01618_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR30B.GIF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Journal\PDIALOG.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01171_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00369_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145361.JPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\TAB_OFF.GIF 3697516955.exe File created C:\Program Files\MSBuild\Microsoft\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\REFINED\REFINED.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RICEPAPR\RICEPAPR.ELM 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047_576black.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_de.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\contbig.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets_1.0.0.v20140514-1823.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Cocos 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CROATIAN.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02312_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0186362.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ko-kr.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OIMG.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB10.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\20.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02223U.BMP 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\blocklist.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONINTL.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\resources.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\GMT 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\msvcr100.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libftp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00828_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\bg_sidebar.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2iexp.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Abidjan 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novosibirsk 3697516955.exe File created C:\Program Files\Mozilla Firefox\uninstall\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\Dynamic.pdf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0157177.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21328_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR24F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\jvm.cfg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\msdatasrc.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLMAIL.FAE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\El_Aaiun 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmpgv_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\TAB_ON.GIF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\DiagnosticsHub_is.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\plugins.dat 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Bold.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\MTEXTRA.TTF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01161_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\37.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_Buttongraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kuching 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00261_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241077.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0386764.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01245_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\gfserrortogroove.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7cm_es.dub 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\ktab.exe 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\mr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03513_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcor.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR47B.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msado27.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR47B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\lt.pak 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Perth 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\spacer_highlights.png 3697516955.exe File created C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property_1.4.200.v20140214-0004.jar 3697516955.exe File created C:\Program Files\Windows NT\TableTextService\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0174952.JPG 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\oc\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\prism-d3d.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_TW.properties 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fy\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\18.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02810J.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OIS.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\WSS\1100.accdt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_elf.dll 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CATALOG.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\ECLIPSE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DVA.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02752G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\ALARM.WAV 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\resources.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mspub.exe.manifest 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_right.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\en.ttt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Faroe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\currency.css 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PAPYRUS\PAPYRUS.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04323_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_left.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185786.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\MINUS.GIF 3697516955.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf_1.1.0.v20140408-1354.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SONORA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00531L.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB01741L.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\REPTWIZ.POC 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576_91n92.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ApothecaryResume.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt_3.103.1.v20140903-1938.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-print.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvmstat.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\DATES.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02161_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRINTL32.DLL.IDX_DLL 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\TAB_OFF.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sk\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_s.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SUMIPNTG\SUMIPNTG.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00808_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBEMAIL.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunjce_provider.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Galapagos 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views_3.7.0.v20140408-0703.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.APL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Winnipeg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107482.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18217_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\IPM.CFG 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199423.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SMIMEE.CFG 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libwav_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Toronto 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_hov.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02522_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\DELIMWIN.FAE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\send-email-16.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host-remote.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382930.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0185604.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00732_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15171_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Off.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\1px.gif 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\iexplore.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\36.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libfingerprinter_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_ja.jar 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\SystemV\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\TOOT.WAV 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-execution.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\offset_window.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\picturePuzzle.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUB6INTL.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-editor-mimelookup.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\idlj.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Cairo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmono_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libchain_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_settings.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01759_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14769_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01742_.GIF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Canary 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tpcps.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-modules-profiler_visualvm.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PPKLite.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21480_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGAD.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENV98.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6CDT 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\33.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\is\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\SY______.PFM 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\Install\{ED12A50C-ADCB-4FB6-B0B7-713544A9D99B}\CR_EB8C7.tmp\setup.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\29.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-dock.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0233070.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\WMPDMCCore.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_h.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00194_.WMF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\pt-BR.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\3RDPARTY 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.commands_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker_1.1.200.v20131119-0908.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ms.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00260_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0183174.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\sl.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REPORTS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\EmbeddedView.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextService.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03379I.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\mailapi.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-text.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18237_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCHDREQ.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\hu.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\GRID_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195788.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BIZFORM.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ExecutiveReport.dotx 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_over.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sv\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_wav_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSPTLS.DLL 3697516955.exe File created C:\Program Files (x86)\Common Files\System\msadc\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0292152.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Brisbane 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0284916.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\MLA.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateCore.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR16F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Issues.accdt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full.png 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\9.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00092_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IEAWSDC.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\CAMERA.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_s.png 3697516955.exe File opened for modification C:\Program Files\TestWatch.mid 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.c 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01193_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14800_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.CSS 3697516955.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_ButtonGraphic.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine_2.3.0.v20140506-1720.jar 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-join.avi 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\freebl3.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\access_output\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GREETING.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoViewer.dll.mui 3697516955.exe File created C:\Program Files (x86)\WindowsPowerShell\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\sbdrop.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\ED00184_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_pressed.gif 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Pacific\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\gui\libqt_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\ADMPlugin.apl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105332.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\OCEAN_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\bdcmetadataresource.xsd 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.JP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\alt-rt.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\mai\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libstats_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\menu_style_default_Thumbnail.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\soniccolorconverter.ax 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_window.html 3697516955.exe File created C:\Program Files (x86)\Google\Temp\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00419_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00687_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Oriel.thmx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Tanspecks.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MAIN.XML 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\main.css 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvSOFT.x3d 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\WSS_DocLib.ico 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\license.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287643.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Angles.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MML2OMML.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00921_.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SKY\SKY.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Composite.xml 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\STARTUP\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Stationery\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_settings.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_win7.css 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\es-419.pak 3697516955.exe File created C:\Program Files\Windows Sidebar\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ko.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01478U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR9B.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msdaprsr.dll.mui 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00098_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105506.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Urban.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21308_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-fallback.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ARCTIC\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\pt.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\npjp2.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\updater_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_ButtonGraphic.png 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LEVEL\LEVEL.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IMPMAIL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Microsoft.Office.InfoPath.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\settings.css 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Reykjavik 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\classfile_constants.h 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Athens 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradfun_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_over.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15172_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Class.zip 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcer.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_windy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR36B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\ACWZUSR12.ACCDU 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ERROR.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\glow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\15.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over_BIDI.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Makassar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\control\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\LogoBeta.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_HK.properties 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libmpg123_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0293800.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_windy.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-keymap.xml 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\docs.crx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\resources.jar 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101863.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSAEXP30.DLL 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\kab.txt 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\Timeline.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\PST8PDT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\epl-v10.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01332U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OWSCLT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_left.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\mojo_core.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\intf\modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZX______.PFB 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1033\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107458.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0183290.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7wre_fr.dub 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Aero.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.contexts_1.3.100.v20140407-1019.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2iexp.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\el\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Casual.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\Accessories\en-US\wordpad.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\InactiveTabImage.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Form_StatusImageMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Curacao 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\month.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0148757.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15273_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\ManagedObjects\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SOA.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\adcjavas.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115868.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DataListIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_right_over.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB1B.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_hail.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341645.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can32.clx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\ODBCR.SAM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePageScript.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBARBLL.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_ja.jar 3697516955.exe File opened for modification C:\Program Files\ShowResize.dot 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libglspectrum_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01243_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageMaskSmall.bmp 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Thimphu 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\alert_obj.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santo_Domingo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATER\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00306_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Urban.thmx 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\Filters\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmotionblur_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02400_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_decreaseindent.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\46.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jdb.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341455.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\background.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ADRESPEL.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\settings.css 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee100.tlb 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chicago 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Salta 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+9 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mousedown.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_over.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02398U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javafx.policy 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\oc\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SMSL.ICO 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsesp.xml 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00158_.GIF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720x480icongraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-9 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107500.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AUDIOSEARCHMAIN.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\WIND.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kamchatka 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmpnetwk.exe 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CAPSULES\CAPSULES.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0318448.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0186002.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PSRCHKEY.DAT 3697516955.exe File created C:\Program Files\Common Files\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NEWSHM.POC 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_floating.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00121_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0400005.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESNS.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vienna 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00096_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GIFT.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rio_Branco 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\doclib.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro_3.4.200.v20130326-1254.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hebron 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll 3697516955.exe File created C:\Program Files\Windows NT\Accessories\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEXBE.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Catamarca 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME05.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_globalstyle.css 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\HLS.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099161.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Trek.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOUC.EXE 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\bin\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\libEGL.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\7.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\PipelineSegments.store 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145212.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152884.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.XML 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives_1.1.100.v20140523-0116.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-uisupport.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\crashreporter.exe 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPMediaSharing.dll.mui 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw32.jpg 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\MEIPreload\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Green Bubbles.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD10890_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02371_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00212_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENVELOPE.DPV 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_left.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-shadow.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Belgrade 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-ui.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libkate_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02077_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\background.gif 3697516955.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-options-keymap.xml_hidden 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\install.log 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_transcode_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\4.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\La_Paz 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libedummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_sml.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RIPPLE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Small_News.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0318804.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02296_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPICCAP.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\POSTCD98.POC 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libextract_plugin.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Pipeline.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_travel_Thumbnail.bmp 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\km\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdarem.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD08758_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02437_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Matamoros 3697516955.exe File created C:\Program Files\VideoLAN\VLC\hrtfs\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152600.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239955.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\ACT3.SAM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Riga 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_windy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\STSLIST.DLL 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt32.clx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Office 2.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSGR3EN.LEX 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Notebook.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\charsets.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00136_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187863.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309664.JPG 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\lgpllibs.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libvobsub_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PIXEL\PIXEL.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Services\verisign.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\VIEW.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Text.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+5 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4.ssl_1.0.0.v20140827-1444.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\22.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\LASER.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OLKIRM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\AdjacencyMergeLetter.dotx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\ShapeCollector.exe.mui 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUECALM\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00414_.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Port_Moresby 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.DEV_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTORE_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarToolIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_client.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153299.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15134_.GIF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199283.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR33F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\GlobeButtonImage.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_s.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ar.pak 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Oral 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Luna.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00058_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\COPYRIGHT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\OARPMANR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00390_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099196.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152696.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14580_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\bdcmetadata.xsd 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\digest.s 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Accra 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\extensions\VLSub.luac 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ICE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Access.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Origin.thmx 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL054.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0175428.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR6B.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.properties 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Microsoft.VisualStudio.Tools.Applications.DesignTime.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\oledb32r.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151055.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382947.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02285_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\BUTTON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Yakutat 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\OFFISUPP.HTM 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\OneNote.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AccessWeb\SERVWRAP.ASP 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ACE.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ReviewRouting_Review.xsn 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\luac.luac 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\ActiveTabImageMask.bmp 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Windows Media Player\Skins\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\18.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01607U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00642_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14655_.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\7z.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382965.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\attention.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FOLDPROJ.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Month_Calendar.emf 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Broken_Hill 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\vlc-48.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198494.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OFFRHD.DLL 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Stanley 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-api-visual.xml_hidden 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Tirane 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00100_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086424.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0179963.JPG 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0286068.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00736_.WMF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\axvlc.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086478.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vevay 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\es\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files\Windows Media Player\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SONORA\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387604.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0301050.WMF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome.exe.sig 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\11.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanPhotoAlbum.potx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\license.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_s.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.PL.XML 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_rainy.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_plain_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbynet.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\he\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Journal\JNWDRV.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\WISC30.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ICE\ICE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0212957.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_SelectionSubpicture.png 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\Attachments.jpg 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\nss3.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyclient.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\jquery.jstree.js 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01297_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18241_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB_COL.HXT 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Monrovia 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffd27a_256x240.png 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\mpvis.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341561.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\BUTTON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN001.XML 3697516955.exe File opened for modification C:\Program Files\ConvertFromComplete.mhtml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\sa-jdi.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-api.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\visualization\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\library.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Petersburg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libdeinterlace_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\ended_review_or_form.gif 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PAPYRUS\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241019.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15272_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsPreviewTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00454_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00656_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02261_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15169_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENV11.POC 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\nio.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-6 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\cpu.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02423_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\FONTSCHM.INI 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR32F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileHighMask.bmp 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Indianapolis 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIDEBARVERTBB.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287019.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Black Tie.xml 3697516955.exe File created C:\Program Files (x86)\Windows NT\Accessories\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\16.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107746.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-ui.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+2 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\settings.js 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\2d.x3d 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPDMC.exe 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\THROAT.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBCALSO.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_zh_CN.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\nb\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_07.MID 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\pa-in.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Inuvik 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\AdjacencyLetter.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxslt.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Swift_Current 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Journal\en-US\jnwmon.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa37.hyp 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\grayStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_it.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107042.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\0.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00042_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\Discussion.gta 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.Runtime.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\weather.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Beirut 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\v8_context_snapshot.bin 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Eula.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.DEV_COL.HXC 3697516955.exe File created C:\Program Files (x86)\Microsoft.NET\Read_Me.txt 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libmft_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_FormsHomePage.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SSGEN.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Priority.accft 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.security_8.1.14.v20131031.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-api.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Concourse.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Perspective.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_dot.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\VC\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\zip.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR20F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\XLSLICER.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewFrame.html 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_drop_shadow.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ku-ckb.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-threaddump.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaora.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02058U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0183328.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18190_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18200_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7wre_es.dub 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\cacerts 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198234.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OIS.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR13F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\ModifiedTelespace.ico 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sv.pak 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Photo Viewer\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\setting_back.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\psfontj2d.properties 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-string-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libaribcam_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\logsession.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105638.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02444_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\asl-v20.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBCONV.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN048.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287642.JPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\InfoPathOMFormServicesV12\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\info.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Rome 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10253_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB6.BDR 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\10.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CENTEURO.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\COUGH.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mru_on_win7.css 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00191_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DissolveAnother.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\msitss55.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RICEPAPR\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101861.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107528.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Formal.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKACCS.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services_3.4.0.v20140312-2051.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188587.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0205582.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\5.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fontconfig.bfc 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00132_.WMF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\libEGL.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\APPT.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\SNET.NET.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105390.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_choosecolor.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Panama 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libsapi_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02068_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0278702.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL108.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\ParentMenuButtonIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Colombo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EXPEDITN\EXPEDITN.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0102002.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0149118.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hebron 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Tell_City 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Christmas 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Tucuman 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01244_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaws.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup-impl.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\liboldmovie_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099183.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215210.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WebToolIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay.css 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+6 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7en.kic 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_120.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\lij.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\meta\art\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01167_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105286.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02041_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL016.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\EURO\MSOEURO.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSOUC_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR33F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_preferencestyle.css 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Macquarie 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ka\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_48.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_dot.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\DW\DWTRIG20.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\VelvetRose.css 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\newgrounds.luac 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_mms_plugin.dll 3697516955.exe File created C:\Program Files\Windows Portable Devices\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00160_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099197.GIF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\Triedit\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.DEV_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\RECYCLE.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-windows.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239965.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\DiscussionToolIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\0.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_dummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmpnscfg.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00334_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0292270.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hardware Tracker.fdt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SHAREPOINTPROVIDER.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-nodes.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-execution.xml 3697516955.exe File created C:\Program Files (x86)\Internet Explorer\SIGNUP\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293234.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGACCBOX.DPV 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.Design.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0214098.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EXPEDITN\EXPEDITN.ELM 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\COMPASS\COMPASS.ELM 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\eventlog_provider.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0230876.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\WORDIRM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Class.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Paper.thmx 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\OrangeCircles.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ESEN\MSB1ESEN.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Paper.eftx 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\mn.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Irkutsk 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Kaliningrad 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\1.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMAN.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGLOGO.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticnotification.exsd 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CYRILLIC.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\Microsoft.Ink.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21399_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR27F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\CAN.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ACCSBAR.POC 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-H 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\2052\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ENVELOPR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\validation.js 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_buttongraphic.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\be\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107290.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0182888.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01295_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Apex.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNote.gpd 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\PINELUMB.HTM 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\af\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host-views.xml 3697516955.exe File opened for modification C:\Program Files\Windows Mail\MSOERES.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSClientDataMgr\MSCDM.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psmachine.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03331_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\sunmscapi.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\README.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcer.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02071_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02417_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONENOTE_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PEOPLEDATAHANDLER.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.DataSetExtensions.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl-hot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_MediumMAsk.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Bougainville 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.jpg 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7en.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBHD.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\STRBRST.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunmscapi.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_selectionsubpicture.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Outlook.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178460.JPG 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ga.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util-lookup.xml 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-multibyte-l1-1-0.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\stream_extractor\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01680_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN092.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Luis 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STRTEDGE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02270_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.NZ.XML 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\release 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\XLICONS.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)grayStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_zh_CN.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\METCONV.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SATIN\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04384_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0216858.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\J0115856.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\MarkupIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\tab_off.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01629_.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsftp_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107658.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01293_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\OFFISUPP.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\MedianReport.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.common_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-windows.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\eclipse_update_120.jpg 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libaudiobargraph_v_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EVRGREEN\EVRGREEN.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105348.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+2 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\settings.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0292278.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02448_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Couture.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WebToolIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\CASCADE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00118_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\VideoLAN Website.url 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107280.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\GRAY.pf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.ds_1.4.200.v20131126-2331.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\status.json 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLPERF.H 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\BUZZ.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsMacroTemplate.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+9 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.command_0.10.0.v201209301215.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.800.v20140827-1444.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196364.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLADDR.FAE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_choosecolor.gif 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\F12Resources.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-today.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_issue.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199475.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00560_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR30F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_dot.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-charts.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_config_window.html 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\ODeploy.exe 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Damascus 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\bn_IN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Casey 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guyana 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02791_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_s.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\conticon.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.pb_2.3.5.v201404071733.jar 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\MP00021_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0216516.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GROOVE_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IEAWSDC.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPAPERS.INI 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\license.html 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\IRIS\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0174639.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTaskIcon.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAMECONTROLPROXY.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_rest.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+10 3697516955.exe File opened for modification C:\Program Files\DVD Maker\sonicsptransform.ax 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Chuuk 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmpshare.exe 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_hail.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00458_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\vintage.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR36F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RECL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR12F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Belize 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hong_Kong 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\updater.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_setid_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297759.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14984_.GIF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\wsimport.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.ui_1.1.200.v20130626-2037.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\javafx-iio.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\7.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado25.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SketchPadTestSchema.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Office Word 2003 Look.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Jamaica 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_smem_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCHDCNCL.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_hyperlink.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SLERROR.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_h.png 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.WorkflowServices.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099174.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSRuntime.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\misc.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-14 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\license.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-uihandler.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaSansDemiBold.ttf 3697516955.exe File opened for modification C:\Program Files\Windows Journal\InkSeg.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_snow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proofing.en-us\Proofing.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Port_of_Spain 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02361_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00170_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\XLSTART\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\EquityFax.Dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RMNSQUE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\decora-sse.dll 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\mozavcodec.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.en-us\Office64MUISet.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePageStyle.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jvisualvm.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+5 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SONORA\SONORA.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsColorChart.html 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Edmonton 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+8 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_hov.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\40.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RMNSQUE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pago_Pago 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0213449.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR37F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR2F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL048.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0103850.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\rss.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287645.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03425I.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115843.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_heb.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ceuta 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Danmarkshavn 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmpnssci.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\msjet.xsl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_GreenTea.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\webbase.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACECORE.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.WIH 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Composite.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.RuntimeUi.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_over.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msador15.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_lt.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Generic.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\LASER.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861240811.profile.gz 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox_1.0.500.v20131211-1531.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\nssckbi.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00008_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0196400.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199805.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21297_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\IPEDINTL.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Maldives 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02218_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR4F.GIF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_hov.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CGMIMP32.HLP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\BREAK.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\42.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director_2.3.100.v20140224-1921.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NextMenuButtonIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fy\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CONCRETE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14844_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLN.DOC 3697516955.exe File created C:\Program Files\Common Files\System\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL090.XML 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\vocaroo.luac 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\1033\FPEXT.MSG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00723_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00217_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\TURABIAN.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Budapest 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGSIDEBR.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_zh-TW.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\MMSS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\StopIconMask.bmp 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\DataMatrix.pmp 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Stars.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00164_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0158071.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00052_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL01040_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ExecutiveMergeLetter.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.servlet_3.0.0.v201112011016.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Copenhagen 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\EST5 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090783.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107146.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\VelvetRose.css 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BS4BOXES.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\LoginDialogBackground.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Seoul 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_LinkDrop32x32.gif 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sk\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ts_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ieinstal.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\GWE.ICO 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\bn.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL093.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Grand_Turk 3697516955.exe File created C:\Program Files\Microsoft Office\Office14\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Bangkok 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107342.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSTORES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\en-US\WinMail.exe.mui 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-io-ui.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Vostok 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.IE.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\logs\maintenanceservice-install.log 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Juneau 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02431_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\DELETE.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\Notebook03.onepkg 3697516955.exe File created C:\Program Files (x86)\WindowsPowerShell\Modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151073.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Center 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msdaprsr.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\com-sun-tools-visualvm-modules-startup.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\net.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\net.properties 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_drop_shadow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\tab_off.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.PH.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Warsaw 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmplayer.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\STUBBY2.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099152.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0252669.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01474_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14539_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer.bat 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Sydney 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\README.HTM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.OPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Synchronization Services\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yakutat 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152430.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE06450_.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libsubtitle_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\modules\host.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\ADD.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\Desktop\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\ssvagent.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\reader\filename.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00526_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00915_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152690.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01569_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnWD.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\To_Do_List.emf 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Music.jtp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15022_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\vi\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03014_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18193_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\J0115876.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CURRENCY.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.SE.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\t2k.dll 3697516955.exe -
Drops file in Windows directory 14 IoCs
description ioc Process File created C:\Windows\Installer\f755a21.mst msiexec.exe File opened for modification C:\Windows\Installer\MSI5C53.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI624D.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI8F88.tmp msiexec.exe File opened for modification C:\Windows\Installer\ msiexec.exe File opened for modification C:\Windows\Installer\MSI969D.tmp msiexec.exe File opened for modification C:\Windows\Installer\f755a24.ipi msiexec.exe File opened for modification C:\Windows\Installer\f755a21.mst msiexec.exe File opened for modification C:\Windows\Installer\MSI7B3B.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI8D07.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI9083.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI6588.tmp msiexec.exe File created C:\Windows\Installer\f755a24.ipi msiexec.exe File opened for modification C:\Windows\Installer\MSI91CB.tmp msiexec.exe -
Modifies data under HKEY_USERS 3 IoCs
description ioc Process Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\25\52C64B7E msiexec.exe Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\25 msiexec.exe Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\26 msiexec.exe -
Modifies registry class 35 IoCs
description ioc Process Set value (data) \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_Classes\Local Settings explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx\IconHandler msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\shell\edit msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\shell\open\command msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\DefaultIcon msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\DefaultIcon\ = "\"%1\"" msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile msiexec.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_Classes\Local Settings explorer.exe Set value (data) \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\shell\open msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\DefaultIcon msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx msiexec.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\edit msiexec.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_Classes\Local Settings explorer.exe Set value (data) \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\edit\command msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\shell\edit\command msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\edit\command\ = "\"C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\OFFICE14\\MSOXMLED.EXE\" /verb edit \"%1\"" msiexec.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\open\command\ = "\"C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\OFFICE14\\MSOXMLED.EXE\" /verb open \"%1\"" msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx\IconHandler msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\open\command msiexec.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Set value (data) \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\open msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\ShellEx\IconHandler msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx\IconHandler\ = "{AB968F1E-E20B-403A-9EB8-72EB0EB6797E}" msiexec.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe -
Suspicious behavior: EnumeratesProcesses 4554 IoCs
pid Process 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1292 msiexec.exe 1292 msiexec.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe -
Suspicious behavior: GetForegroundWindowSpam 2 IoCs
pid Process 1592 explorer.exe 364 explorer.exe -
Suspicious behavior: RenamesItself 1 IoCs
pid Process 1568 3697516955.exe -
Suspicious use of AdjustPrivilegeToken 144 IoCs
description pid Process Token: SeShutdownPrivilege 1504 explorer.exe Token: SeShutdownPrivilege 1504 explorer.exe Token: SeShutdownPrivilege 1504 explorer.exe Token: SeShutdownPrivilege 1504 explorer.exe Token: SeShutdownPrivilege 1504 explorer.exe Token: SeShutdownPrivilege 1504 explorer.exe Token: SeShutdownPrivilege 1504 explorer.exe Token: 33 948 AUDIODG.EXE Token: SeIncBasePriorityPrivilege 948 AUDIODG.EXE Token: 33 948 AUDIODG.EXE Token: SeIncBasePriorityPrivilege 948 AUDIODG.EXE Token: SeShutdownPrivilege 1504 explorer.exe Token: SeShutdownPrivilege 1504 explorer.exe Token: SeIncreaseQuotaPrivilege 1504 explorer.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeSecurityPrivilege 1292 msiexec.exe Token: SeCreateTokenPrivilege 1504 explorer.exe Token: SeAssignPrimaryTokenPrivilege 1504 explorer.exe Token: SeLockMemoryPrivilege 1504 explorer.exe Token: SeIncreaseQuotaPrivilege 1504 explorer.exe Token: SeMachineAccountPrivilege 1504 explorer.exe Token: SeTcbPrivilege 1504 explorer.exe Token: SeSecurityPrivilege 1504 explorer.exe Token: SeTakeOwnershipPrivilege 1504 explorer.exe Token: SeLoadDriverPrivilege 1504 explorer.exe Token: SeSystemProfilePrivilege 1504 explorer.exe Token: SeSystemtimePrivilege 1504 explorer.exe Token: SeProfSingleProcessPrivilege 1504 explorer.exe Token: SeIncBasePriorityPrivilege 1504 explorer.exe Token: SeCreatePagefilePrivilege 1504 explorer.exe Token: SeCreatePermanentPrivilege 1504 explorer.exe Token: SeBackupPrivilege 1504 explorer.exe Token: SeRestorePrivilege 1504 explorer.exe Token: SeShutdownPrivilege 1504 explorer.exe Token: SeDebugPrivilege 1504 explorer.exe Token: SeAuditPrivilege 1504 explorer.exe Token: SeSystemEnvironmentPrivilege 1504 explorer.exe Token: SeChangeNotifyPrivilege 1504 explorer.exe Token: SeRemoteShutdownPrivilege 1504 explorer.exe Token: SeUndockPrivilege 1504 explorer.exe Token: SeSyncAgentPrivilege 1504 explorer.exe Token: SeEnableDelegationPrivilege 1504 explorer.exe Token: SeManageVolumePrivilege 1504 explorer.exe Token: SeImpersonatePrivilege 1504 explorer.exe Token: SeCreateGlobalPrivilege 1504 explorer.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeIncreaseQuotaPrivilege 1592 explorer.exe Token: SeCreateTokenPrivilege 1592 explorer.exe Token: SeAssignPrimaryTokenPrivilege 1592 explorer.exe Token: SeLockMemoryPrivilege 1592 explorer.exe Token: SeIncreaseQuotaPrivilege 1592 explorer.exe Token: SeMachineAccountPrivilege 1592 explorer.exe Token: SeTcbPrivilege 1592 explorer.exe Token: SeSecurityPrivilege 1592 explorer.exe Token: SeTakeOwnershipPrivilege 1592 explorer.exe Token: SeLoadDriverPrivilege 1592 explorer.exe Token: SeSystemProfilePrivilege 1592 explorer.exe Token: SeSystemtimePrivilege 1592 explorer.exe Token: SeProfSingleProcessPrivilege 1592 explorer.exe Token: SeIncBasePriorityPrivilege 1592 explorer.exe Token: SeCreatePagefilePrivilege 1592 explorer.exe Token: SeCreatePermanentPrivilege 1592 explorer.exe Token: SeBackupPrivilege 1592 explorer.exe Token: SeRestorePrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeDebugPrivilege 1592 explorer.exe Token: SeAuditPrivilege 1592 explorer.exe Token: SeSystemEnvironmentPrivilege 1592 explorer.exe Token: SeChangeNotifyPrivilege 1592 explorer.exe Token: SeRemoteShutdownPrivilege 1592 explorer.exe Token: SeUndockPrivilege 1592 explorer.exe Token: SeSyncAgentPrivilege 1592 explorer.exe Token: SeEnableDelegationPrivilege 1592 explorer.exe Token: SeManageVolumePrivilege 1592 explorer.exe Token: SeImpersonatePrivilege 1592 explorer.exe Token: SeCreateGlobalPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeShutdownPrivilege 364 explorer.exe Token: SeShutdownPrivilege 364 explorer.exe Token: SeShutdownPrivilege 364 explorer.exe Token: SeShutdownPrivilege 364 explorer.exe Token: SeShutdownPrivilege 364 explorer.exe Token: SeShutdownPrivilege 364 explorer.exe Token: SeShutdownPrivilege 364 explorer.exe Token: SeShutdownPrivilege 364 explorer.exe Token: SeShutdownPrivilege 364 explorer.exe -
Suspicious use of FindShellTrayWindow 66 IoCs
pid Process 1088 DllHost.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe -
Suspicious use of SendNotifyMessage 69 IoCs
pid Process 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe -
Suspicious use of WriteProcessMemory 28 IoCs
description pid Process procid_target PID 1688 wrote to memory of 564 1688 Photo-125-137.jpg.scr 31 PID 1688 wrote to memory of 564 1688 Photo-125-137.jpg.scr 31 PID 1688 wrote to memory of 564 1688 Photo-125-137.jpg.scr 31 PID 1688 wrote to memory of 564 1688 Photo-125-137.jpg.scr 31 PID 1688 wrote to memory of 680 1688 Photo-125-137.jpg.scr 34 PID 1688 wrote to memory of 680 1688 Photo-125-137.jpg.scr 34 PID 1688 wrote to memory of 680 1688 Photo-125-137.jpg.scr 34 PID 1688 wrote to memory of 680 1688 Photo-125-137.jpg.scr 34 PID 680 wrote to memory of 1804 680 17078.exe 35 PID 680 wrote to memory of 1804 680 17078.exe 35 PID 680 wrote to memory of 1804 680 17078.exe 35 PID 680 wrote to memory of 1804 680 17078.exe 35 PID 1804 wrote to memory of 1568 1804 winsvcs.exe 37 PID 1804 wrote to memory of 1568 1804 winsvcs.exe 37 PID 1804 wrote to memory of 1568 1804 winsvcs.exe 37 PID 1804 wrote to memory of 1568 1804 winsvcs.exe 37 PID 1292 wrote to memory of 1872 1292 msiexec.exe 42 PID 1292 wrote to memory of 1872 1292 msiexec.exe 42 PID 1292 wrote to memory of 1872 1292 msiexec.exe 42 PID 1292 wrote to memory of 1872 1292 msiexec.exe 42 PID 1292 wrote to memory of 1872 1292 msiexec.exe 42 PID 1292 wrote to memory of 1872 1292 msiexec.exe 42 PID 1292 wrote to memory of 1872 1292 msiexec.exe 42 PID 1292 wrote to memory of 1532 1292 msiexec.exe 44 PID 1292 wrote to memory of 1532 1292 msiexec.exe 44 PID 1292 wrote to memory of 1532 1292 msiexec.exe 44 PID 1292 wrote to memory of 1532 1292 msiexec.exe 44 PID 1292 wrote to memory of 1532 1292 msiexec.exe 44
Processes
-
C:\Users\Admin\AppData\Local\Temp\Photo-125-137.jpg.scr"C:\Users\Admin\AppData\Local\Temp\Photo-125-137.jpg.scr" /S1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1688 -
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c start C:\Users\Admin\AppData\Local\Temp\25547.jpg2⤵PID:564
-
-
C:\Users\Admin\AppData\Local\Temp\17078.exeC:\Users\Admin\AppData\Local\Temp\17078.exe2⤵
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of WriteProcessMemory
PID:680 -
C:\4281278655928\winsvcs.exeC:\4281278655928\winsvcs.exe3⤵
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
- Suspicious use of WriteProcessMemory
PID:1804 -
C:\Users\Admin\AppData\Local\Temp\3697516955.exeC:\Users\Admin\AppData\Local\Temp\3697516955.exe4⤵
- Executes dropped EXE
- Modifies extensions of user files
- Loads dropped DLL
- Drops desktop.ini file(s)
- Enumerates connected drives
- Drops file in Program Files directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: RenamesItself
PID:1568
-
-
-
-
C:\Windows\SysWOW64\DllHost.exeC:\Windows\SysWOW64\DllHost.exe /Processid:{76D0CB12-7604-4048-B83C-1005C7DDC503}1⤵
- Suspicious use of FindShellTrayWindow
PID:1088
-
C:\Windows\explorer.exeexplorer.exe1⤵
- Drops desktop.ini file(s)
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1504
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x4801⤵
- Suspicious use of AdjustPrivilegeToken
PID:948
-
C:\Windows\system32\msiexec.exeC:\Windows\system32\msiexec.exe /V1⤵
- Enumerates connected drives
- Drops file in Windows directory
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:1292 -
C:\Windows\syswow64\MsiExec.exeC:\Windows\syswow64\MsiExec.exe -Embedding 1527246EA7059FADA727A3AA7132495E2⤵
- Loads dropped DLL
PID:1872
-
-
C:\Windows\system32\MsiExec.exeC:\Windows\system32\MsiExec.exe -Embedding 2EDE0356D3DBB64E16A0314313F8C7D42⤵
- Loads dropped DLL
PID:1532
-
-
C:\Windows\explorer.exeexplorer.exe1⤵
- Modifies service
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1592
-
C:\Windows\explorer.exeexplorer.exe1⤵
- Modifies service
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:364